GoHacking.com: Ethical Hacking and Cyber Security
Home » HOW-TO GUIDES, INTERNET SECURITY, IP ADDRESS, LEARN HACKING - FOR BEGINNERS

How to Detect Anonymous IP Addresses

Submitted by on Monday, 19 July 201031 Comments

Detect-ProxyAs the fraudsters are now becoming more sophisticated in bypassing the Geo-location controls by using proxies (Anonymous IPs) to spoof their IP address, it has become very much necessary to come up with a means for detecting the proxies so that the authenticity of the users can be verified. Using a proxy (web proxy) is the simplest and easiest way to conceal the IP address of an Internet user and maintain the online privacy. However proxies are more widely used by online fraudsters to engage in cyber crimes since it is the easiest way to hide their actual Geo-location such as city/country through a spoofed IP address. Following are some of the examples where fraudsters use the proxies to hide their actual IP.

 

1. Credit Card Frauds

For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for which the billing address is associated with New York. Most credit card merchants use Geo-location to block orders from countries like Nigeria and other high risk countries. So in order to bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it appears to have come from New York. The IP address location appears to be legitimate since it is in the same city as the billing address. A proxy check would be needed to flag this order.

 

2. Bypass Website Country Restrictions

Some website services are restricted to users form only a selected list of countries. For example, a paid survey may be restricted only to countries like United States and Canada. So a user from say China may use a proxy so as to make his IP appear to have come from U.S. so that he can earn from participating in the paid survey.

 

Proxy Detection Services

 

So in order to stop such online frauds, Proxy Detection has become a critical component. Today most companies, credit card merchants and websites that deal with e-commerce transactions make use of Proxy Detection Services like MaxMind and FraudLabs to detect the usage of proxy or spoofed IP from users participating online.

Proxy Detection web services allow instant detection of anonymous IP addresses. Even though the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs like AOL and MSN are forms of proxies and are used by both good and bad consumers.

 

How Proxy Detection Works?

Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy. Merchants can obtain the IP address of the users from the HTTP header on the order that comes into their website. This IP address is sent to the proxy detecting service in real time to confirm it’s authenticity.

The proxy detection services on the other hand compare this IP against a known list of flagged IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These proxy detection services work continuously to grab a list or range of IPs that are commonly used for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or spoofed IP.

 

How to Tell Whether a given IP is Real or a Proxy?

There are a few free sites that help you determine whether or not a given IP is a proxy. You can use free services like WhatisMyIPAddress to detect proxy IPs. Just enter the suspected IP in the field and click on “Lookup IP Address” button to check the IP address. If it is a suspected proxy then you will see the results something as follows.

Detect Anonymous Proxy

So for all those who think that they can escape by using a spoofed IP, this post is the answer. I hope this information helps. Pass your comments.

Popularity: 7% [?]


Subscribe to GoHacking.Com


Enjoyed this article?
Subscribe to GoHacking.Com and get daily updates in your email for free


  By using/following this site you agree to our Legal Disclaimer

31 Comments »

  • Pankii said:

    but how can we trace the real ip?
    can we get that easily?

    - 20 July 2010 at 2:36 AM
  • Amal Rajiv said:

    Hey bro can you tell me how to create a batch file virus wich can start at the startup.

    - 20 July 2010 at 11:00 AM
  • gaurav koriya said:

    hmmm its working now its easy to purchase the goods online without any tension

    - 21 July 2010 at 12:47 PM
  • Mars M said:

    Good Information!!!
    Thanks!!!

    Mars M

    - 22 July 2010 at 8:01 AM
  • Mars M said:

    IP address hacking-is it possible???
    Thanks for your post.
    Mars M

    - 22 July 2010 at 9:42 PM
  • Mac said:

    i like hacking with others. thanks to information.

    - 25 July 2010 at 1:12 PM
  • kiley said:

    Srikanth,

    I tried your “How to Send Anonymous Emails – A New Working Way” technique but when i put url as suggested by you then it give me 500 Internet Server Error…

    Internal Server Error

    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, no-reply@x10hosting.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    Give the solution for this …..

    - 1 August 2010 at 12:56 AM
  • shaurya said:

    can we use google.co.uk instead of google.co.in by the use of proxies?

    - 1 August 2010 at 9:47 PM
  • shaurya said:

    can we use google.co.uk instead
    of google.co.in by the use of
    proxies?

    - 6 August 2010 at 11:02 PM
  • Srikanth (author) said:

    @ shaurya

    Yes you can use. All you need to do is use a proxy from UK!

    - 9 August 2010 at 11:45 AM
  • shaurya said:

    From where can I get proxy from uk??

    - 10 August 2010 at 4:31 PM
  • Srikanth (author) said:

    @ shaurya

    Goto http://www.hidemyass.com/youtube-proxy/ to avail UK proxy.

    - 11 August 2010 at 11:19 AM
  • shaurya said:

    Thanks buddy!!

    - 12 August 2010 at 9:32 PM
  • ssmbalaji said:

    Hi

    Is there a way to find the IP address of the computer from where a yahoo.co.in mail id was opened last ?

    Is there a way to find out the IP address of the computer from where a skype id client had chatted last ?

    please give an answer fast.

    Thanks

    S. Sm. Balaji

    - 24 August 2010 at 10:22 PM
  • Srikanth (author) said:

    @ ssmbalaji

    Unfortunately Yahoo doesn’t show up the recent activities (IP logs) like Gmail.

    - 17 September 2010 at 2:13 PM
  • gaurav said:

    Great Job.. :-)
    But i think still we can’t trace the real IP address ?????????

    - 20 October 2010 at 5:27 AM
  • Srikanth (author) said:

    @ gaurav

    It is possible to trace the real Ip, but needs deeper investigation. Nothing is impossible though!

    - 21 October 2010 at 9:33 AM
  • ajay said:

    Hi Good evening .

    how can we find the online user’s IP address.

    - 26 October 2010 at 8:38 PM
  • alex said:

    hi,

    If you want to hide DNS, IP address or unblock websites VPN Service would be really useful.

    - 25 November 2010 at 10:21 PM
  • haroon said:

    thanks for sharing the valuable information

    - 27 November 2010 at 5:40 PM
  • yug dasri said:

    good information thanks……

    - 28 January 2011 at 10:21 AM
  • zlancer said:

    great article! I just bookmarked this site. hope to learn many things from you since i’m also running a blog :)

    - 2 February 2011 at 1:24 PM
  • Ayushi said:

    can v access youtube using proxies..??

    - 15 February 2011 at 10:55 AM
  • HE Amal Rajiv said:

    he Amal Rajiv i have solution for you
    you can copy your virus when its start
    you add these code:
    copy yourfilepath c:\documents and settings\programes\start mune\your username\startup\

    - 22 February 2011 at 1:50 PM
  • mithu said:

    Hi Srikanth ..apparently came across this site….and found it very useful….. nice work !! :) keep it up

    - 9 March 2011 at 2:04 PM
  • Computer Tricks said:

    Is it possible to detect chained proxy ip address?

    - 20 April 2011 at 7:48 AM
  • SAM said:

    it mindblowing…….!
    now i can find proxy n real ips……

    - 20 July 2011 at 7:59 PM
  • Larson said:

    Thanx for the info!!!

    - 21 July 2011 at 9:01 AM
  • A. Anjani said:

    hi,
    can you plz. tell me how to know thew IP address of gmail.com,yahoo.co.in,skype..

    A. Anjani.

    thank’s for this post..

    - 29 October 2011 at 10:32 AM
  • Srikanth (author) said:

    @ A. Anjani

    Just goto command prompt and type nslookup yahoo.com to find out the IP of yahoo.com. So use “nslookup” command to find out the IP of any domain (website).

    - 29 October 2011 at 11:12 AM
  • Rahul said:

    it was a helpful website great work sir thanks for this info.

    - 8 December 2011 at 7:57 AM

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.