What are the best ways for employees to surf the Web anonymously?

Find out how employees can surf the Web anonymously.

Nick Lewis

I work for a non-profit organization that provides fellowships. Recently we visited a website of a particular fellow, and when we followed up with a phone call, he already knew that we were at his website. Can you explain how he knew we were on his website, what tools he may have used, and what the best ways are for our users to use the Web anonymously?

There are a couple ways the fellow could use to find out if you visited his website. The same tools used for website analytics can profile individual Web visitors. He could have quickly looked at his website analytics report while he was on the phone with you. What the man most likely did was look in his website analytic report and see that someone from your IP address space had looked at his website. He could have even gotten your IP address from an email that you sent to him. The IP addresses used in organizations many times can be looked up in the Whois domain search and can also map from your organization IP space to your ISP.

There are two basic types of tools he may have used to identify you as a visitor. He could have had a Web-based tool like Google Analytics or tools he installed on his website, like the open source AWStats or the commercial WebTrends. He could have also manually looked up your organization's IP space and searched for it in his logs.

There are a couple different ways for your employees to surf the Web anonymously, depending on the technical sophistication of your end users and your specific needs. You can either implement a Web proxy for anonymous Web browsing, like those at Anonymizer.com or an anonymity network like Tor. Both types of tools need to be configured on your local computers for maximum effectiveness in case you have mobile computers. If all of your computers access the Internet through your local network, you could also configure a local Web proxy on your network and then tunnel this proxy though an anonymous proxy service

This was last published in May 2010

Dig Deeper on Web browser security

proxy server What is a proxy server? A proxy server acts as an intermediary between an end user and the Internet for security, privacy, administrative control and caching services.

Hacking Web Intelligence In this excerpt from chapter 8 of Hacking Web Intelligence, authors Sudhanshu Chauhan and Nutan Panda discuss how to be anonymous on the internet using proxy.

How can phishing attacks that use proxy programs be stopped? Phishing attacks are adopting new functionality to avoid detection, including the use of proxy programs to simplify the attack process. Learn how to defend against this type of risk.

Tor networks: Stop employees from touring the deep Web Are employees using Tor to view blocked Web sites, or mining Bitcoins on corporate resources? Sinister or not, it needs to stop.

Assessing the threat of proxy auto-config malware Expert Nick Lewis explains how attackers are taking advantage of proxy auto-config capabilities in browsers and what mitigations can be put in place.

Anonymous hackers hijack US agency website Anonymous hackers embed a video statement on a US government agency website in response to the death of digital activist Aaron Swartz

Related Q&A from Nick Lewis

What are the benefits and challenges of cloud penetration testing?

Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading

How can companies prevent and respond to island hopping attacks?

Island hopping attacks create enterprise risk by threatening their business affiliates. Here's how to create an incident response plan to mitigate ... Continue Reading

What are the best criteria to use to evaluate cloud service providers?

Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

How to implement zero-trust cloud security

The nature of cloud environments and workloads is changing. Security team approaches must evolve in response. Learn how to ...

AWS Access Analyzer aims to limit S3 bucket exposures

Amazon Web Services introduced the Access Analyzer tool at its re:Invent event. The new option aims to help users avoid ...

How to evaluate CASB tools for multi-cloud deployments

When it comes to evaluating CASB tools, it's essential to be an informed customer. Identify your organization's usage and ...

SearchNetworking

Assess the Wi-Fi 6 features available in Wave 1 and Wave 2

Catch up on the different features available with the first wave of Wi-Fi 6, including OFDMA and Target Wake Time, and find out ...

3 networking startups rearchitect routing

Networking startups Arrcus, DriveNets and Volta Networks help service providers redefine routing in the data center and at the ...

A deep dive into the differences between 4G and 5G networks

Yes, 4G and 5G network architectures will differ, but organizations may not see change for some time. This feature explores 4G ...

SearchCIO

Shell, Halliburton, Unibap AB execs share real-world AI strategies

Technology advances like quantum computing mean AI's best years are still to come, but that doesn't mean companies aren't already...

What's the difference between RPA and IPA?

To prepare for robotic process automation combined with the more sophisticated intelligent process automation, CIOs first need to...

The technological evolution of IT industry leaders: 2000 - 2020

As technology has shifted since 2000, so have IT leaders. This guide looks at how Oracle, Cisco, Dell and SAP have adapted to ...

SearchEnterpriseDesktop

Cut through confusion of the digital workspace market

What is a digital workspace, exactly? Find out the definition of this new technology, what it means for the future of end-user ...

Windows 10 issues top list of most read stories for IT pros

IT pros seemed focused on the latest Microsoft OS, based on our most read stories for 2019. That may not come as a surprise, ...

How to fix printer problems after a Windows 10 update

Windows 10 updates, especially an update to Windows 10 version 1809, can sometimes cause printer issues. You can fix these ...

SearchCloudComputing

Review these Azure Service Bus best practices

When applications talk, you need to listen. Learn about Microsoft's cloud messaging service, its main features, best practices to...

Instill cloud change management best practices

Automation is essential to change management in the cloud. Discover the best practices that ensure your IT team is in sync and ...

How much cloud does an IT disaster recovery plan need?

It's not easy to get the right mix of traditional and cloud-based DR resources. Here's how to strike a balance between what's ...

ComputerWeekly.com

Dutch government must facilitate and coordinate a broad eID system

The Dutch government should push for an electronic ID system for its citizens that works across the public and private sectors, ...

Qualcomm claims world first for 5G mixed reality

5G-supported extended reality platform is claimed to offer more immersive, intelligent and connected experiences

Cyber security takes its place alongside UK’s armed services

Head of armed services says cyber security will take its place alongside the army, navy and air force as a key pillar of the UK’s...

What are the best ways for employees to surf the Web anonymously?

Find out how employees can surf the Web anonymously.

Dig Deeper on Web browser security

Related Q&A from Nick Lewis

What are the benefits and challenges of cloud penetration testing?

How can companies prevent and respond to island hopping attacks?

What are the best criteria to use to evaluate cloud service providers?

Have a question for an expert?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

How to implement zero-trust cloud security

AWS Access Analyzer aims to limit S3 bucket exposures

How to evaluate CASB tools for multi-cloud deployments

SearchNetworking

Assess the Wi-Fi 6 features available in Wave 1 and Wave 2

3 networking startups rearchitect routing

A deep dive into the differences between 4G and 5G networks

SearchCIO

Shell, Halliburton, Unibap AB execs share real-world AI strategies

What's the difference between RPA and IPA?

The technological evolution of IT industry leaders: 2000 - 2020

SearchEnterpriseDesktop

Cut through confusion of the digital workspace market

Windows 10 issues top list of most read stories for IT pros

How to fix printer problems after a Windows 10 update

SearchCloudComputing

Review these Azure Service Bus best practices

Instill cloud change management best practices

How much cloud does an IT disaster recovery plan need?

ComputerWeekly.com

Dutch government must facilitate and coordinate a broad eID system

Qualcomm claims world first for 5G mixed reality

Cyber security takes its place alongside UK’s armed services

Related Resources

Dig Deeper on Web browser security

Related Q&A from Nick Lewis

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.