3 months on - and still going strong !

December 27th was the 3 month anniversary of this forum going "live" - since then we have seen very strong support from the community !

During this time, we have had 763 people sign up - with several thousand more "guests" regularly reading posts as well.

We have averaged over 8 new users every single day since go live, with at least one new user every day except Christmas day and the Monday before Christmas.

There have been 1351 new threads, averaging over 13 new threads every day, and 8637 posts in these three months, at an average of over 88 new posts every day.

Over 26GB of traffic has been transferred from the site, with 4,559,627 requests - 811,335 of which were for pages (the rest are images and such) !

There were 12,023 unique hosts (computers) served in this time - but of course most people would use several different host names over the period of several months, so it is difficult to tell how many unique users there have been.

December was our busiest month so far, with 256,585 page requests and the week beginning December 8th our busiest week with 72,342 page requests. Busiest single day was December 9th 2002, with 15,150 page requests.

Averages are 162,267 pages per month, 54,089 pages per week and 8,157 pages per day.

Monday is the busiest day of the week, with 18% of the requests, followed by Thursday with 16% and Wednesday with 15%.

On average, 16% of the requests occur on one of the weekdays, while only 10% on a Saturday or a Sunday.

Most active hour Dec 9, 2002 22:00 - 22:59 : 2,090 pages sent, and the hourly average is 325 pages sent (1,748 requests handled)

10pm-11pm is the busiest time of the day, with 56,221 pages in total served in that time. 403,170 of the pages (49.7% of the total) have been served between the hours of 8am and 5pm (9 hours), with 408,165 (50.3%) served in the other 15 hours between 5pm and 8am.

Most active quarter-hour Dec 9, 2002 22:30 : 631 pages sent. Average quarter-hour: 54 pages sent. 299 requests handled.

Top-10 top-level internet domains:

1. .au (Australia) 76.19%
2. .net (Networks) 15.90%
3. .com (Commercial) 5.44%
4. .uk (United Kingdom) 1.3%
5. .nz (New Zealand) 0.53%
6. .jp (Japan) 0.36%
7. .sg (Singapore) 0.14%
8. .int (International Treaty Organisations) 0.12%
9. .arpa (Arpanet) 0.9%
10. .cn (China) 0.7%

Other domains who have visited:
.se (Sweden), .nl (Netherlands), .th (Thailand), .gov (USA Government), .id (Indonesia), .fr (France), .hk (Hong Kong), .br (Brazil), .ca (Canada), .de (Germany), .org (Non Profit Making Organisations), .vn (Vietnam), .il (Israel), .za (South Africa), .edu (USA Higher Education), .mil (USA Military), .fi (Finland), .us (United States), .my (Malaysia), .ie (Ireland), .lb (Lebanon), .dk (Denmark), .sk (Slovakia), .bn (Brunei Darussalam)

Top 10 organisations making requests:

1. bigpond.net.au 13.2%
2. optusnet.com.au 12.63%
3. tmns.net.au 8.8%
4. iprimus.net.au 6.49%
5. uu.net 3.63%
6. comindico.com.au 2.12%
7. connect.com.au 4.12%
8. telstra.net 5.27%
9. apnic.net 3.4%
10. tpgi.com.au 2.21%

94% of requests come from IE browsers, 53% from IE6 and 40% from IE5. Less than 4% of requests came from Netscape and Netscape compatible browsers.

96% of requests came from Windows computers, 32% from Windows 98, 22% from Windows XP, and 20% from Windows 2000. Nearly 1.5% of requests came from Macintosh computers.

Well done to everyone - let's keep this community growing !

Great stats, Sim, but does this mean our computers are being interrogated too easily? Is it the cookie on our computer extracting this info or our ports being scanned while we are online? Should we put annonymity software on our computer to hide our identity while we are browsing online? Are there privacy issues involved with an IP address being available to every site we visit?

Thanks - Mike

Originally posted by Mike
Great stats, Sim, but does this mean our computers are being interrogated too easily? Is it the cookie on our computer extracting this info or our ports being scanned while we are online? Should we put annonymity software on our computer to hide our identity while we are browsing online?

Click to expand...

No, it is not your computers that are being interrogated - there is no port scanning going on - and it is not the cookies that store this information. Cookies are completely passive and cannot "extract information".

The information is gathered from the web server log files and is standard information sent from the web browser to the web server to allow the web server to customise the page for the browser and operating system that you are using.

For most people, the IP addresses are rather meaningless because they change regularly. For those with fixed IP addresses - you know exactly what the address is - which is kind of the reason why you would have a fixed IP address !

I don't think you need go to great lengths to try and hide your details - just make sure that you have taken reasonable precautions to protect yourself from attack ! Anti-virus software and personal firewall software are must haves. Finding out addresses to attack is relatively easy - anonymity does not necessarily provide any more protection !

Originally posted by Mike
Are there privacy issues involved with an IP address being available to every site we visit?

Click to expand...

Do you mean legal or security issues ?

Hehe, it must be me with all those ".int" domain entries.

Mike, just a bit further about the IP address issue. The web board actually hides our IP address from public viewing. This is an area that could have caused issues. But it's harder to find where you are located when I can't see your IP Address. Though you can still be tracked down without it. Just need to know how that is all.

The only ones who can see our IP Addresses should be the Administrators, which would be Sim' and Ian Somers. Both of which I have the confidence that they wouldn't do anything nasty to us with that info.

Would you Sim!!! hehehe....

Cheers
Robert

Most Internet Service Providers (ISP's) use Dynamic IP address assignment, which means everytime you "log on" to your ISP, you get a new/different IP address.

This in itself makes it substantially harder to track someone down, but not impossible, since the IP address the ISP "uses" belongs to the ISP, and therefore you can be traced, relatively easily, to your ISP. From that point on it gets significantly harder.

As for the information that Sim is able to report in his Stats (eg. Browser type), Browsers send a small amount of browser-specific (not user-specific) information to the web server every time they make a request, in order that the web server can return content which is appropriate for that browser.

Thanks guys,

When I go shopping at real stores nobody comes up to me and asks for my name and address. I am, therefore, totally anonymous when I shop. When I surf the net and visit commercial sites I expect to have the same sort of anonymity. But do we have the same sort of privacy? Obviously not because our browsers are giving away info to the sites we visit. Some people also get heavily spammed after visiting some sites. I've also heard that some sites won't let you in unless they can "see" you. If they can't see your IP address their site won't load up on your browser.

Mike

Actually Mike if you wish to enter, say, BVLGARI store in Beverly Hills they do require your name and address.

You are using resources on an international, cooperative, multi-homed, redundant network that we call the Internet. You use CPU cycles on hundreds of devices every day in using the internet - all made available at no direct cost to you or your ISP. The roadway uses the TCP/IP suite of protocols to make that happen.

Your IP address is almost certainly not "yours" in an ownership sense. You ISP or employer owns it.

If you wish to be truly anonymous then start using an anon proxy. Try a google search. But given the west's increasing security concerns, it is difficult to remain anonymous these days. Your information is aggregated in these logs.

If you want to spend the money you can set up an anonymous proxy in another county with strong privacy laws. That way nobody can find you.

For anybody who wants to test how "leaky" their computer is follow these links:

SNOOP TEST
What information can hackers see on your computer right now?
http://www.anonymizer.com/snoop/test_ip.shtml

Test My Shields & Test My Ports
https://grc.com/x/ne.dll?bh0bkyd2

Leak Test
http://grc.com/lt/leaktest.htm

Now read how your computer is open to interrogation by port scanners:

What this means:
- Your IP address uniquely identifies your computer and is normally stored by every Web site you visit.
- This information can be bought and sold between Web sites and linked to your real world information to create a comprehensive profile of your personal data, including everywhere you surf.

THREATS OF THE WEB
See what dangers you face every time you go online.
http://www.anonymizer.com/threats.shtml

ONLINE ACTIVITY CHECKLIST
What kind of protection is best for what you do online?
http://www.anonymizer.com/activity_checklist.shtml

I have Zone Alarm and Anonymiser software on my PC and when I turn it on this forum only recognizes me as a guest because it can't see the forum cookie on my PC to verify me as MIke.

With Anonymiser on I did the Sheilds and Ports test and returned the following result:

Attempting connection to your computer. . .

Shields UP! is now attempting to contact the Hidden Internet Server within your PC. It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. And that it may be serving up all or many of your personal files for reading, writing, modification and even deletion by anyone, anywhere, on the Internet!

Your Internet port 139 does not appear to exist!

One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.

All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

If all of the tested ports were shown to have stealth status, then for all intents and purposes your computer doesn't exist to scanners on the Internet!

It means that either your computer is turned off or disconnected from the Net (which seems unlikely since you must be using it right now!) or an effective stealth firewall is blocking all unauthorized external contact with your computer. This means that it is completely opaque to random scans and direct assault. Even if this machine had previously been scanned and logged by a would-be intruder, a methodical return to this IP address will lead any attacker to believe that your machine is turned off, disconnected, or no longer exists. You couldn't ask for anything better.

There's one additional benefit: scanners are actually hurt by probing this machine! You may have noticed how slowly the probing proceeded. This was caused by your firewall! It was required, since your firewall is discarding the connection-attempt messages sent to your ports. A non-firewalled PC responds immediately that a connection is either refused or accepted, telling a scanner that it's found a live one ... and allowing it to get on with its scanning. But your firewall is acting like a black hole for TCP/IP packets! This means that it's necessary for a scanner to sit around and wait for the maximum round-trip time possible across the entire Net, into your machine, and back again before it can safely conclude that there's no computer at the other end. That's very cool.

Regards, Mike

Yup, I strongly recommend ZoneAlarm Personal for a personal firewall solution - run it on ALL of your machines ! It's free !

If you have your own LAN at home with multiple computers sharing an internet connection, you should go for ZoneAlarm Pro - it doesn't cost that much and is well worth it.

As for Anonymiser, Mike you are coming across one of those gotchas with security software - in order to protect your privacy you want to remain anonymous, but in order to be able to participate in any type of community online, we need to know who you are to a certain degree. Now, you could run the forum in no-cookies mode, but there are other problems which arise as a result of such a move.

For example, you would have to log in every time you visited, and you may have problems with proxy servers if you don't use cookies ! It's also much easier to lose your session information (ie. the forum forgets who you are and what you were doing) if you do not use cookies. It's a tradeoff - you will have to decide if it is worth it !

I like to think Cookies have a "passive" use and an "active" use. Unfortunately only the web server knows what it is doing with that information.

Most uses of Cookies are fairly innocuous like remembering who you are after you log in, etc. Some sites take this further to assign you some kind of "ID" that they then use to track your usage of the web-site.

Mike: there are still retail shops that will ask for your name/address details when you buy something, and I'm not talking about Rodeo Drive in Beverly Hills.

Privacy is as much to do with what is done with information that is collected as it is with whether that information is collected in the first place.

I forgot to mention that if you install Anonymiser and go back to their site and do the Snoop test it will appear that it didn't work. When I had that happen to me I e-mailed them...

Hello,

I have installed Anonymizer® Private Surfing 2.0 and ZoneAlarm Pro 3.0. I set protection to maximum and then did your snoop test. I failed every test. My PC was successfully interrogated. Why?

Regards, Mike

Dear Customer:

When surfing to our website www.anonymizer.com we automatically disable the anonymous surfing service so that it does not conflict with our site. So when you go to do the snoop test the anonymous surfing is not active and you will therefore see your own information. To accurately test the anonymous surfing or secure tunneling service you can go to https://grc.com/x/ne.dll?bh0bkyd2 and do their shields up test. It should show you Anonymizer's IP beginning with 168.143... Please let us know if you experience any problems with this.

Regards,

SARAH C.
Anonymizer Support
[email protected]

Dear guys,

Something useful and gives a good explanation of how to split telstra/optus cable connections and more details about firewalls for this situation.

http://wpool.com/cablesharing/cablesharing.htm

Cheers,

Sunstone.