Concealing IP

[ArkNinja]

I was wondering what your guys' perspective was on the best way to conceal your IP/identity. I'm talking about how in the movies you see the internet connection bouncing off many different points before finally connecting to the victim/attacker (depending on if it is from an attacker or victims point of view). I know there are programs (such as Tor) that do this already, but I am wondering about the effectiveness of this tactic. So here are my questions:

1. Can a person who is investigating an attack figure out who connected to the proxy machine without access to the machine logs, and if so how?

2. Does adding to the amount of proxy machines increase the probability of not being caught significantly if access to the logs are not available?

3. Are there ways to mask/spoof your external IP without the use of proxies?

~ArkNinja

[Sparda]

I was wondering what your guys' perspective was on the best way to conceal your IP/identity. I'm talking about how in the movies you see the internet connection bouncing off many different points before finally connecting to the victim/attacker (depending on if it is from an attacker or victims point of view). I know there are programs (such as Tor) that do this already, but I am wondering about the effectiveness of this tactic. So here are my questions:

Some TOR exit nodes may be monitored. However, providing there is at least one additional TOR nodes between you and the exit nod, the exit node does not know your real IP address, the 'middle' TOR node does know your IP address.

1. Can a person who is investigating an attack figure out who connected to the proxy machine without access to the machine logs, and if so how?

No*

2. Does adding to the amount of proxy machines increase the probability of not being caught significantly if access to the logs are not available?

Yes*

3. Are there ways to mask/spoof your external IP without the use of proxies?

Depends

*As long as you don't give the target any information about your self.

[ArkNinja]

3. Are there ways to mask/spoof your external IP without the use of proxies?

Depends

Elaborate?

[Sparda]

Depends

Elaborate?

You can literally use a different IP address to send data, but that means you will never receive a response.

[ArkNinja]

Wouldn't that be a moot point then? It wouldn't really be a connection, unless you were sending over an exploit maybe, then thats when I could see it being useful, but wouldn't a download require a two-way connection as well?

[Sparda]

Wouldn't that be a moot point then? It wouldn't really be a connection, unless you were sending over an exploit maybe, then thats when I could see it being useful, but wouldn't a download require a two-way connection as well?

Exactly ;)

[ArkNinja]

Although you could use that to be a bit tricky by using the IP of a controlled machine then forwarding all traffic back to your IP, it would be the same as a proxy, but might be harder to detect.

[barry99705]

Although you could use that to be a bit tricky by using the IP of a controlled machine then forwarding all traffic back to your IP, it would be the same as a proxy, but might be harder to detect.

Depends on where that controlled machine is.