Users are able to find my origins IP via Censys - security

How are users able to find the IP of my origin servers using a tool like Censys.io- I'm using cloudflare and have recently suffered a DDoS attack.
I've been looking up some other sites on this service and was able to find some IPs as well. How can I prevent this from happening? I've been trying to find a solution to this but I can't really think of the right terms.

Related

How can I find where was my website hosted

Ok it may sound strange, but I forgot where is one of my websites hosted.
I remember the domain name and I have access to setup the DNS server, but I don't remember the nameserver. It was something like ns113.icndns.net but I checked and the domain is not there.
When I use that tool I see my domain name listed there: https://viewdns.info/reverseip/?host=nemo.icnhost.net&t=1
But what are the dns server names? Is there an easy way to find or am I missing something general knowledge? Please help.
p.s. I don'g have access to the hosting account and the guy having it will return at the end of the week, but it is too late.
Some website do the job for you, such as https://who.is
it will give informations regarding a specific url.
You can also use command whois from nslookup tools to resolve those kinds of problems
https://www.manpagez.com/man/1/whois/
cheers

How to block users accessing site outside of UK?

Searched the web and unable to find a solution. I have an umbraco site using IIS to host on a Windows server. Any ideas on approach to block users accessing site outside the UK? Htaccess approach would be too slow.... thank you in advance!
That's quite hard to do accurately, as you could have someone based in the UK using a European network provider, which means that they might appear to come from say Holland instead of the UK. It's also possible for people to spoof their location fairly easily if they really want to get at your site.
As Lex Li mentions there are plenty of commercial databases and tools for looking up a user's location, but the accuracy of these varies considerably, not to mention the fact that some of them only support IPv4. Any of these options are going to be slow though, as you'll have to check on every request. You also have to make sure you keep the databases up to date.
Another option would be to proxy your site through something like CloudFront or CloudFlare which both support blocking traffic by country.

how can I hide my IP Address?

Guys I really want to know how to hide my IP Address. And know why is it necessary to hide it?
I tried using anonymox, but I want to hide it without using any third party software.
You could try the methods listed here : https://pc4u.org/windows-10-how-to-connect-to-a-free-vpn-without-going-through-third-party-software/ if you don't want to use a third party software to hide your IP Address. You need to setup a VPN in your computer to achieve that. This will tunnel your network connection.
Source: pc4u.org
The only way to accomplish this without 3rd party software would be to use an online proxy and configure your browser to use said proxy. This will only change your IP as it appears to sites you visit through the browser and not other services you may be using on your computer.
The "best" way to "hide" or change your IP is to use a VPN (which you'll need software for). You can purchase a VPN service from one of Many providers. Some of the providers have their own apps that you can use, or, you can manually configure your own OpenVPN client. There are also many great scripts out there, AWS one-click servers, and cheap VPS providers that make it easier than ever to create your own VPN server. This might be over the "average" users head though...
The benefit of using a VPN is that it not only changes your IP, also encrypt your traffic.
It should be noted that VPN's are not 100% fool-proof. If not configured properly, you will expose your real IP. In addition, many VPN providers are not reputable.
The best recommendation I can make on this and every other topic on online privacy is this site here:
https://privacytools.io
This is (IMO) the best, most comprehensive source of information about protecting your privacy online. They will guide you in the right direction regarding VPN's, proxies, securing your browser, and much, much more. Check it out. Seriously...
OpenVPN has builds for all operating systems. https://openvpn.net
Like i said though, you'll have to purchase access (or if you're brave, find a free 'solution') from a provider and then configure OpenVPN to use your purchased credentials. This is usually about 5$ a month (for the solid / no logs / unlimited bandwidth ones ). There are many, many posts about setting up OpenVPN here on stackoverflow.
Finally, as far as the proxies go, again, you can purchase access to some of the reputable ones or search for a free one - though, in my experience the free proxies are very touch and go.

Access Website With Reverse Proxy

I'm hoping to get some kind of idea if what I have in mind is even possible or if I'm looking in the wrong place.
Basically, my company provides a website which users are able to access online with credentials we sell and provide them. We have another potential customer who would like to access this website. Sadly this customer is very stuck in the past, and they don't allow their users any internet access at all.
For a number of reasons, I don't want them to host their own version of this website. However, I considered that we might configure a web proxy on their network (which is given internet access) which reverse forwards connections to our website. Is this even possible? And should it be attempted? Or are there better ways to achieve this?
Yes it's possible, you can install on their intranet a simple proxy script for example
https://github.com/Athlon1600/php-proxy-app
and modify the index.php and allow from there only a single host to your website.
I don't know what technology you can use on their Intranet network but virtually for every web language, such software is available.
Here is some discussion related to the "Access the sites blocked over the network" that is just for Gmail but it will definitely help you too:
https://superuser.com/questions/453825/how-to-bypass-web-url-filtering-service-to-access-blocked-websites-proxy
For bypassing the firewall and getting access to the blocked sites:
http://www.makeuseof.com/tag/how-to-get-into-blocked-websites-in-school-with-freeproxy/

How to simulate browsing from various locations?

I want to check a particular website from various locations. For example, I see a site example.com from the US and it works fine. The colleague in Europe says he cannot see the site (gets a dns eror).
Is there any way I can check that for my self instead of asking him every time?
This is a bit of self promotion, but I built a tool to do just this that you might find useful, called GeoPeeker.
It remotely accesses a site from servers spread around the world, renders the page with webkit and sends back an image. It will also report the IP address and DNS information of the site as it appears from that location.
There are no ads, and it's very stream-lined to serve this one purpose. It's still in development, and feedback is welcome. Here's hoping somebody besides myself finds it useful!
Sometimes a website doesn't work on my PC and I want to know if it's the website or a problem local to me(e.g. my ISP, my router, etc).
The simplest way to check a website and avoid using your local network resources(and thus avoid any problems caused by them) is using a web proxy such as Proxy.org.
Well, DNS should be the same worldwide, wouldn't it? Of course it can take up to a day or so until your new DNS record is propagated around the world. So either something is wrong on your colleague's end or the DNS record still takes some time...
I usually use online DNS lookup tools for that, e.g. http://network-tools.com/
It can check your HTTP header as well. Only a proxy located in Europe would be better.
Besides using multiple proxies or proxy-networks, you might want to try the planet-lab. (And probably there are other similar institutions around).
The social solution would be to post a question on some board that you are searching for volunteers that proxy your requests. (They only have to allow for one destination in their proxy config thus the danger of becoming spam-whores is relatively low.) You should prepare credentials that ensure your partners of the authenticity of the claim that the destination is indeed your computer.
DNS info is cached at many places. If you have a server in Europe you may want to try to proxy through it
It depends on wether the locatoin is detected by different DNS resolution from different locations, or by IP address that you are browsing from.
If its by DNS, you could just modify your hosts file to point at the server used in europe. Get your friend to ping the address, to see if its different from the one yours resolves to.
To browse from a different IP address:
You can rent a VPS server. You can use putty / SSH to act as a proxy. I use this from time to time to brows from the US using a VPS server I rent in the US.
Having an account on a remote host may or may not be enough. Sadly, my dreamhost account, even though I have ssh access, does not allow proxying.
The only thing that springs to mind for this is to use a proxy server based in Europe. Either have your colleague set one up [if possible] or find a free proxy. A quick Google search came up with http://www.anonymousinet.com/ as the top result.

Resources