How to surf securely

**Renk** · 24.04.10, 06:44

Huge issue, not to be solved in a few lines for sure.

But I just found a tool which could interest those who are security concerned.

What you have to do is to configure your browser's http proxy setting with

Code:

www.spybye.org :8080

then go to

Code:

http://spybye.org

and write the url of the site you want to visit.

You can test this tool e.g. on one of the Google's Top Ten Malware Sites:
Google Online Security Blog: Top 10 Malware Sites

Or you can test it on sbi too. Results: SBI is clean and safe !!!

Interpreting SpyBye Output

SpyBye classifies URLs into three categories:

* harmless: A URL that originates from your web site or is matched by a pattern in the good patterns file.

* unknown: A URL that did not originate with your web site. This is likely to be 3rd party provide content and could be dangerous. If you see an unknown URL that you do not recognize, something might be wrong with your web site.

* dangerous: A URL with a high likelihood of being dangerous. This is usually an indication that your web site has been compromised. You should check if all your web applications have the latest security patches installed, you might also have to reinstall your web server. Attackers usually leave backdoors that give them remote access to your site, even after you have removed potential exploits from your web pages.

How to get SpyBye running - Niels Provos

You can have a look at the spybye's code here:
spybye - Project Hosting on Google Code

You can use this tool in conjunction with privoxy and/or polipo and/or squid in order to be (almost) entirely sure in chaining (I suppose but correct me if I committed mistake) in the following way:

Code:

your browser <-> squid <-> privoxy <-> polipo <-> spybye <-> the Wild Wide Web

NB: A suggestion: Why not to open on sbi a "paranoid" section ? It would be a transversal section, with extreme ideas, config and tutos about various subject (mainly in connection with security) such as the previous one, or better "how to use Tor and I2P together" or "how to use Ants or Rshare on I2p inside a VM through VPN" (or "The most complicated and tricky way to kill your fiber connection and melt your octocore processors").

**CS Curse** · 24.04.10, 09:50

I just tried it. It was easy to set up. However, you go to the site where you have to type in the url. After that is done, it goes to the website but puts a big bar above the site with the details of the analysis of the website. That bar covers up half my screen! So that is very inconvinient. There is another thing: If you click on a link on a website, the link opens up in a new window, but does not seem to be checked.

**anon** · 24.04.10, 18:58

Originally Posted by Renk

What you have to do is to configure your browser's http proxy setting with

Code:

www.spybye.org :8080

then go to

Code:

http://spybye.org

and write the url of the site you want to visit.

Is it me or the proxy is extremely slow... to the point it's not even loading?

NB: A suggestion: Why not to open on sbi a "paranoid" section ? It would be a transversal section, with extreme ideas, config and tutos about various subject (mainly in connection with security) such as the previous one, or better "how to use Tor and I2P together" or "how to use Ants or Rshare on I2p inside a VM through VPN" (or "The most complicated and tricky way to kill your fiber connection and melt your octocore processors").

I like the idea. Let me talk that with the rest of the staff.

**LiD3** · 03.09.10, 15:26

I'd just like to add project codeen here(for those that think spybye is slow) without having to start a new topic. Of course theres no guarantee of security.

CoDeeN -- A CDN on PlanetLab
Port 3127/3124
CoDeeN Statistics

**Gapo** · 05.11.10, 11:00

Originally Posted by LiD3

I'd just like to add project codeen here(for those that think spybye is slow) without having to start a new topic. Of course theres no guarantee of security.

CoDeeN -- A CDN on PlanetLab
Port 3127/3124
CoDeeN Statistics

CoDeeN is such a horrible proxy project to use, FWIW.

Originally Posted by anon

I like the idea. Let me talk that with the rest of the staff.

Updates?