揭秘价值百万美元的住宅代理服务.pdf

1、Well knock your SOCKS offInsights into a million-dollar residential proxy service whoamiHanno HeinrichsMission Lead:OJoel SnapeSenior R“Were good with computers”Subtitle HereLorem ipsum dolor sit amet,consectetur adipiscing elit.Praesent quis augue felis.Subtitle HereLorem ipsum dolor sit amet,conse

2、ctetur adipiscing elit.Praesent quis augue felis.Subtitle HereLorem ipsum dolor sit amet,consectetur adipiscing elit.Praesent quis augue felis.Adversaries proxiesYou cant track meConcealing the true-origin of malicious traffic hinders our ability to track adversariesYou dont know where I amTraffic c

3、an appear from any country or location,preventing detection based on abnormal accessYou cant tell me apartAdversary traffic blends-in with that of legitimate service usersCommercial vs ResidentialInfrastructureUsually datacenter focussed,choice of countriesProfessional SupportLegitimate commercial s

4、ervices with legal address,funding etc.ExamplesMullvadNordVPNPerfect Privacyetc.s augue felis.ResidentialChoose exit by country,state,zip code,city,IP,domain,connection typeUsually illegitimate services,backed by infrastructure sourced through grey/illegitimate meansExamplesNSOCKS/NgiowebFacelessBri

5、ght Data/Luminati(legitimate)Place your photo over this gray space.Ensure you cover the entirety of itFrom a customerperspectivePlace your photo over this gray space.Ensure you cover the entirety of itConsent or CompromiseConsenting participants:Freely choose to share their internet connection and g

6、et compensated for itUsually install software on their computing device(Windows/MacOS etc.)Operation likely not detectable from the internetCompromised devices:Legitimate edge devices compromised for proxy access.0 or n-day exploits requiredLine owners unaware of and not compensated for the accessEd