I've set up a proxy server on AWS in the US in order to allow me to browse the american internet from the UK, however I would like to hide this so that the reverse end cannot detect I am using squid. Is this possible, and if so, how?
#Privacy Things
via off
forwarded_for off
follow_x_forwarded_for deny all
Since version 3.0 you need to build squid from source for these limitations to work with some special flag for './configure'. This is how I build mine:
this is my config, now my squid proxy not detected anymore.
#Anonymizing traffic
forwarded_for off
#request_header_access Allow allow all
#request_header_access All allow all
request_header_access X-Forwarded-For deny all
request_header_access Via deny all
Have you considered setting up a VPN to the AWS instance instead of setting up Squid? Then route traffic through the AWS instance, which would avoid squid and be undetectable. Just throwing it out there. That's exactly how a friend of mine set up a VPS in the UK to access the BBC.
via off
forwarded_for off
request_header_access From deny all
request_header_access Server deny all
request_header_access WWW-Authenticate deny all
request_header_access Link deny all
request_header_access Cache-Control deny all
request_header_access Proxy-Connection deny all
request_header_access X-Cache deny all
request_header_access X-Cache-Lookup deny all
request_header_access Via deny all
request_header_access X-Forwarded-For deny all
request_header_access Pragma deny all
request_header_access Keep-Alive deny all
You can inhibit X-Forwarded-For with
in squid.conf
this is all I've required but further headers you may wish to deny are at http://www.christianschenk.org/blog/enhancing-your-privacy-using-squid-and-privoxy/
This is straight from my squid.conf:
Since version 3.0 you need to build squid from source for these limitations to work with some special flag for './configure'. This is how I build mine:
(CentOS 5.5)
this is my config, now my squid proxy not detected anymore.
Have you considered setting up a VPN to the AWS instance instead of setting up Squid? Then route traffic through the AWS instance, which would avoid squid and be undetectable. Just throwing it out there. That's exactly how a friend of mine set up a VPS in the UK to access the BBC.
Turn Squid3 headers off