How can I trace a connection through a proxy server and/or a VPN?


Solution 1

I think the posts above highlight valid points. You are highly unlikely to get anywhere with the tracing of these, and even if you do, you will not likely be able to get anything done about it.

The more proactive thing to do is to find ways to stop it happening and to ensure that your boxes are secure.

The environment I work in had a rule that said if we had a sustained attack (sustained in this instance defined as 10 or more attempts in an hour), we had to report it. This meant we were lodging hundreds of reports a week due to the large number of people scanning our network. We discussed it and decided to drop the reporting side of it, as we were as confident as could be that our systems were secure and just had to accept we would be scanned / attempted.

Solution 2

For HTTP, some proxies add some special HTTP header, like X-Forwarded-For, to specify the original IP address. If present, then its value should be used with care, as one can easily add a fake header and make it refer to some innocent person.

Such a header won't help you when dealing with FTP (which does not have the notion of HTTP headers), but maybe the same proxy IP address is in your web server logs at about the same time. If so, then you still need to make your web server write the headers to the log, or at least this special header.
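The correlation described in this answer, as an added example that is not part of the original answer: it matches FTP attack source IPs against web access log entries from the same proxy within a time window and collects any X-Forwarded-For values as unverified hints. The log layout, the sample lines and the function name `xff_hints` are assumptions made for illustration.

```python
import ipaddress
import re
from datetime import datetime, timedelta

# Constructed sample data (documentation-range IPs), not real logs.
# Web lines assume a combined-style access log with the X-Forwarded-For
# request header appended as the last quoted field (for Apache, adding
# "%{X-Forwarded-For}i" to the LogFormat).
WEB_LOG = '''\
203.0.113.7 - - [17/Sep/2022:10:01:12 +0000] "GET / HTTP/1.1" 200 512 "-" "curl/7.85" "198.51.100.23"
203.0.113.7 - - [17/Sep/2022:14:30:00 +0000] "GET / HTTP/1.1" 200 512 "-" "curl/7.85" "198.51.100.99"
192.0.2.50 - - [17/Sep/2022:10:02:00 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0" "-"
203.0.113.7 - - [17/Sep/2022:10:03:40 +0000] "GET /x HTTP/1.1" 404 0 "-" "curl/7.85" "not-an-ip, 198.51.100.23"
'''
# (timestamp, peer IP) of failed FTP logins, as extracted from the FTP server log.
FTP_EVENTS = [("17/Sep/2022:10:00:05 +0000", "203.0.113.7")]

WEB_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" \d{3} \S+ "[^"]*" "[^"]*" "([^"]*)"$')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def xff_hints(web_log, ftp_events, window=timedelta(minutes=10)):
    """Return {proxy_ip: [client IPs claimed in X-Forwarded-For]} for web hits
    that share a peer IP with an FTP event and fall within `window` of it."""
    events = [(datetime.strptime(ts, TS_FMT), ip) for ts, ip in ftp_events]
    hints = {}
    for line in web_log.splitlines():
        m = WEB_RE.match(line)
        if not m:
            continue  # line does not follow the assumed layout
        peer, xff = m.group(1), m.group(3)
        ts = datetime.strptime(m.group(2), TS_FMT)
        if not any(peer == ip and abs(ts - t) <= window for t, ip in events):
            continue  # different proxy, or too far apart in time
        for token in xff.split(","):
            try:
                addr = ipaddress.ip_address(token.strip())
            except ValueError:
                continue  # "-", hostnames, junk: the header is client-controlled
            hints.setdefault(peer, set()).add(str(addr))
    # Values are claims made by the client or proxy, never proof of origin.
    return {peer: sorted(ips) for peer, ips in hints.items()}


if __name__ == "__main__":
    print(xff_hints(WEB_LOG, FTP_EVENTS))
```

Anything this returns is only a lead to check against other evidence, since the header can be forged to point at an uninvolved address.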

Author by

HopelessN00b


Updated on September 17, 2022

Comments

  • HopelessN00b
    HopelessN00b almost 2 years

    Someone is continuously attacking my FTP servers. I observed the IPs he left, but running whois on all of them, I concluded that they are SOCKS5 proxy servers. I even found the site where he is getting them (sockslist.net).

    Can I somehow trace him through the proxy so I can get his real IP address and report it to his ISP?

    Also, a friend of mine told me that the attacker might be using a VPN for protection, so I'd like to know if there is any way of tracing the connection through a VPN, as well.

    • benc
      benc almost 15 years
      Can you change the subject to reflect the type of proxy?