Anonymous Surfing – Are we safe behind a NAT?

Somehow somewhere there's a cat watching you

Somehow somewhere there's a cat watching you

During my research on anonymous surfing I ran into some sites that offer anonymous surfing.
What I found there was a big surprise!
I knew that my public ip address is known to any website, along with lots of browser information that can identify me as a “unique” visitor. What I didn’t know is that my internal ip address is also in the open.
This means that even if you think you’re safe behind a firewall and a router, you can still be tracked down!
It can also give site owners information on the internal structure and even size of the network that the requests came from.
They say it’s done by loading a java applet that sends this information to the website.
This also means that even by surfing from a proxy you’re vulnerable!!!!
I wonder what else can this java applet code that runs on the client can send out to the world.

 

So how do you protect yourself?
There are several ways:
1. You can disable active scripts on the browsers (uncomfortable).
2. You can disable/uninstall java run time environment on your machine (not recommended).
3. You can accept the fact that life isn’t fair and that sometimes you need to sacrifice a little privacy for the comfort of surfing interactive websites.

Links:
Anonymous Surfing (sometimes doesn’t work right)
Your external and internal ip information

Website Security Scanners

Security Scan Simulation

Security Scan Simulation

I’ve seen a lot of companies offering a timely vulnerabilities scan for websites.
Those companies give website a “certificate” that the website can put on the site for customers to see that this website is really secured.
I’ve organized a list of some of them:

 

http://www.sitelock.com/
https://www.gamasec.com/
http://www.acunetix.com/
http://www.trust-guard.com/
http://www.websafeshield.com/
http://www.godaddy.com/security/website-security.aspx
http://www.gamasec.com/
http://hackerstopper.com/

I would appreciate it if you can comment on the companies here that you know of, and also maybe tell me about more companies that I don’t know.

Good day,
Meitar Keren