Every website is hosted on a server. When a
visitor clicks his or her way to a website, the user’s browser sends a
request to the server for a webpage at the location. The server returns
the webpage to the
IP
address
on the request. The page subsequently loads on the visitor’s computer
screen.
If the server is bogged down by traffic
(handling many requests at once), pages might load slower for visitors.
In the case of an overload of simultaneous requests, the server will
“crash” or go down, leaving the site temporarily unavailable. This can
be a form of attack, called a Denial Of Service (DoS) attack. If the
attack comes from a network of infected computers called a
botnet, it
is referred to a Distributed Denial of Service (DDoS) attack.
A malicious
hacker might
infiltrate a Web server in an attempt to gain information from protected
databases that hold customer data such as credit card numbers. So-called
“script kiddies” might simply want to malign a site by uploading images
or text to the website.
For these
reasons and more, websites
track and record
IP
addresses as a matter of course, storing the numerical addresses in
server logs. Each request from the
IP
address
is recorded, along with a time stamp. Older data is routinely purged
from logs to make room for newer data. The length of time a website
holds on to
IP
logs is variable, configured by the site’s administrator, and dependent
upon many factors.
Websites also
track and record
IP
addresses to learn which pages are most popular. The site can build on
popular pages to increase site traffic. Tracking
IP
addresses across the site can also reveal traffic leaks. For example, a
page that provides information about a product might have a link to a
remote site with additional information. If server logs reveal that a
large amount of traffic is clicking through to the other site, the
administrator can improve the page’s content or design to keep traffic
longer.
Website policies generally refer to
IP
addresses as “anonymous” data. However, with the help of computer
cookies there are many ways for websites to link identities to
IP
addresses, even when the
address
is dynamic, or changes with each Web session. Many websites also contain
“Web bugs” or a few
pixels linked to
an advertising firm that can
track
and record
IP addresses across
the Web, from one site to another, surreptitiously compiling detailed
surfing profiles
of individuals over a period of months or years.
A visitor need not register at a website to be
tracked and profiled. Typically all visits to a site are time-stamped
and recorded to a cookie, if cookies are enabled in the Web browser. All
pages and links visited within the site are commonly added to the cookie
(in addition to the sever logs). While server logs are purged, cookies
are commonly retained. Deleting a cookie from a user’s computer does not
remove the duplicate cookie on the Web server. Upon a subsequent visit
to the site, the server might “recognize” the surfer by various system
and software data that browsers routinely hand over; even when the
surfer is careful to allow temporary cookies only, or no cookies.
Due to these concerns, many savvy netizens
prefer to surf anonymously. In this case a proxy server stands between
the surfer’s computer and the Web. All browser requests are sent to the
proxy which relays them to the Internet. Web servers return pages to the
proxy’s
IP
address,
logging its
address
instead. The proxy receives the page, forwarding it on to the surfer,
acting as a go-between. Web servers have no record of the surfer’s
IP
address,
(however, the proxy server will
track and record
IP
addresses).
If using a proxy service, it is important to
know if it is truly anonymous. Some proxy servers forward the
requester’s
IP
address
in their headers, defeating the purpose. Only anonymous proxy
servers hide this information. Some proxy’s claim to be anonymous but
are not, so personal checking through available proxy tools is
advisable. Using international proxies can also increase anonymity
because the proxy’s logs will not be subject to jurisdiction of the
netizen’s
home country. That said, proxy services are designed to help maintain
freedom and privacy for legal activity, not protect illegal activity.
The
Firefox™ browser
has an add-on plug-in called FoxyProxy which allows users to
keep a list of proxies and easily switch between them to keep records
from accumulating on just one proxy server. One can also link proxies,
placing two or three proxy servers in a chain, however, this slows
surfing. Also, if one of the proxies is down requests get lost.
Additionally, there are various
shareware
programs for proxy surfing.
Web-based anonymous services allow visitors to
surf the Web through an onsite interface. Surfing from the site,
requested pages appear in a window. The only
IP
address
revealed to the Internet is the website’s own
address.
But once again, the website itself will
track
and record
IP addresses of those that
use its services.
