From: oes <oes@users.sourceforge.net> Date: Tue, 3 Sep 2002 16:12:41 +0000 (+0000) Subject: Removed obsolete files X-Git-Tag: v_3_1_archive_branchpoint~204 X-Git-Url: http://www.privoxy.org/gitweb/@default-cgi@/faq/%22https:/@default-cgi@edit-actions-remove-url?a=commitdiff_plain;h=7b598f93f406214aa7b946e4ca52f5b837b97ea5;p=privoxy.git Removed obsolete files --- diff --git a/doc/obsolete/fb.gif b/doc/obsolete/fb.gif deleted file mode 100755 index 43059924..00000000 Binary files a/doc/obsolete/fb.gif and /dev/null differ diff --git a/doc/obsolete/ijbfaq.html b/doc/obsolete/ijbfaq.html deleted file mode 100644 index 3d522479..00000000 --- a/doc/obsolete/ijbfaq.html +++ /dev/null @@ -1,1999 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> -<!-- $Id: ijbfaq.html,v 1.2 2001/05/17 22:56:17 jongfoster Exp $ - - See copyright details at end of file - - After changing this file, please run it through "HTML Tidy" - (from http://www.w3.org/People/Raggett/tidy/) - It should have no warnings or errors. ---> - -<html> - <head> - <title>Internet Junkbuster Frequently Asked Questions</title> - <meta name="description" content= - "An extensive FAQ on the Internet Junkbuster, free software to removes banner ads, cookies, and other stuff you don't want from your web browser."> - <meta name="keywords" content= - "stop, junk, busters, junkbusters, junkbuster, mail, email, e-mail, direct, spam, privacy, sharing, names, renting, direct, marketing, database, databases, junk mail, lists, consumer, sending, opt out, privacy, advertising, direct, marketing, targeting, through, click, trails, http_referer, cookie, cutter, iff, internet fast forward, Cookie Management Tool"> -<style type="text/css"> -<!-- -h2 { text-align: Center; font-family: arial, helvetica, sans-serif } -p.sans { font-family: arial, helvetica, sans-serif } -b.dot { color: #FF0000 } -b.eg { font-family: arial, helvetica, sans-serif } ---> -</style> - </head> - - <body bgcolor="#f8f8f0" link="#000078" alink="#ff0022" vlink= - "#787878"> - <p class="sans"><a href="http://ijbswa.sourceforge.net"> - Website</a> <b class="dot">·</b> <a href="ijbman.html"> - Manual</a> <b class="dot">·</b> <b>FAQ</b> <b class= - "dot">·</b> <a href="gpl.html">GPL</a></p> - - <h1 align="center"><a name="top_of_page"></a>Internet - J<small>UNK<i style="color: #FF0000">BUSTER</i></small> - Frequently Asked Questions</h1> - - <p align="center" class="sans"><a href="#browser">Configuring - Browsers</a> <b class="dot">·</b> <a href="#defaulted"> - IE 5.0</a> <b class="dot">·</b> <a href="#local"> - Installation</a> <b class="dot">·</b> <a href= - "#companies">For Companies</a> <b class="dot">·</b> <a - href="#blocking">Blocking Ads</a> <b class="dot">·</b> - <a href="#cookies">Cookies</a> <b class="dot">·</b> <a - href="#hotmail">Hotmail</a> <b class="dot">·</b> <a - href="#children">Children</a> <b class="dot">·</b> <a - href="#chain">Forwarding/Chaining</a> <b class="dot"> - ·</b> <a href="#conceal">IP</a> <b class="dot"> - ·</b> <a href="#anonymity">Anonymity</a> <b class="dot"> - ·</b> <a href="#security">Security</a></p> - - <h1>This document is out of date</h1> - - <p><b>Development of JunkBuster is ongoing and this document is - no longer current. However, it may provide some assistance. If - you have problems, please use the <a href= - "http://groups.yahoo.com/group/junkbuster-users/">Yahoo Groups - mailing list</a> (which includes an archive of mail), the - SourceForge.net <a href= - "http://sourceforge.net/projects/ijbswa/">project page</a>, or - see the project's <a href="http://ijbswa.sourceforge.net/">home - page</a>. Please also bear in mind that versions 2.9.x of - JunkBuster are development releases, and are not production - quality.</b></p> - - <h2><a name="top"></a>The Top Ten Questions</h2> - - <h3><a name="what"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> What is the Internet Junkbuster - Proxy and what does it do for me?</h3> - - <p>The Internet Junkbuster Proxy <small><sup>TM</sup></small> - is free privacy-enhancing software that can be run on your PC - or by your ISP or company. It blocks requests for URLs - (typically banner ads) that match its blockfile. It also - deletes unauthorized cookies and other unwanted identifying - header information that is exchanged between web servers and - browsers. These headers are not normally accessible to users - (even though they may contain information that's important to - your privacy), but with the Internet Junkbuster you can see - almost <a href="ijbman.html#o_d">anything you want</a> and - control everything you're likely to need. Many people publish - their blockfiles to help others get started.</p> - - <h3><a name="free"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Is there a license fee / warranty - / registration form / expiration?</h3> - - <p>No, none of these. It's completely free of charge. - Junkbusters offers you the software to copy, use, modify and - distribute as you wish, forever, at no charge under the GNU - General Public License.</p> - - <p><a name="warranty"></a>It comes with no warranty of any - kind.</p> - - <p><a name="register"></a>You don't have to register, in fact - we don't even provide a way to do so: the practice of - registering software is usually just an excuse to send you - solicitations and sell your name and information about your - behavior. You are welcome to obtain and use our software as - anonymously you wish. (Your IP address will naturally be - disclosed when you download it; use anonymizing software if you - want to conceal this. We never want to be given any information - that you consider private or confidential.)</p> - - <p><a name="why"></a>We are often asked why we give away a - product that many would happily pay for. The answer is that we - are determined to carry out our mission: to free the world from - junk communications.</p> - - <h3><a name="windows"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Does it run on Windows? On a Mac? - On the AOL browser?</h3> - - <p>For the latest information on availability, see the - Distribution Information page. We don't think it will ever run - on Windows 3.1. But you don't need to have it running on your - computer if you get your ISP or Systems Administrator at work - to run it.</p> - - <h3><a name="isp"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How can I get my ISP to run the - Internet Junkbuster?</h3> - - <p>Try their sales or support department (depending on whether - you are already a customer). <a name="unaware"></a>You might - send them email including the following URL:<br> - <code> - http://www.junkbusters.com/ht/en/ijbfaq.html#isps</code><br> - <a name="switch"></a>You could mention that many other ISPs - provide it, and that you regard it as an important part of your - decision on where to buy Internet service.</p> - - <h3><a name="who"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Who chooses the options that - control what is blocked?</h3> - - <p>Whoever starts the Internet Junkbuster chooses the options - and the blockfile. If your ISP runs it for you, they have to - make these decision (though some may give you a choice of - proxies, and a way to suggest new URLs to block). If you run it - on your computer, you get to choose.</p> - - <h3><a name="self"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How do I download and run the - program on my computer?</h3> - - <p>It depends on your platform. If you are using Windows 95 or - NT, see our separate page on installing under Windows. If you - have a C compiler and are using almost any flavor of UNIX ® - you download it, compile it, start it running, and then - configure your browser. Several precompiled packages are also - available through links in our distribution page, which lists - all available platforms.</p> - - <p><a name="port"></a>If you are using a platform for which we - have no current availability, you are welcome to port the code. - If you do this and you would like us to consider publishing - your ported version, please tell us.</p> - - <h3><a name="show"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How can I tell which blockfile - and options are being used?</h3> - - <p>Just point your browser to - http://internet.junkbuster.com/cgi-bin/show-proxy-args or to - any URL ending in <code>show-proxy-args</code> (even if it - doesn't exist). It needn't exist because the Internet - Junkbuster intercepts the request, blocks it, and returns in - its place information about itself. Using the URL above is - useful for checking that your browser really is going through - an Internet Junkbuster, because the <code>junkbuster.com</code> - server returns a warning if the request actually gets to it. - Some people set the home page of their browser to such a URL to - be sure that it is configured to use the proxy.</p> - - <p><a name="headers"></a>If you wish to check the header - information your proxy is actually sending, a visit to - http://internet.junkbuster.com/cgi-bin/show_http_headers will - give you the more relevant ones first. You might also like to - turn the proxy off and compare the difference. (Don't forget to - turn it back on again.)</p> - - <h3><a name="responding"></a><img border="0" src="fb.gif" alt= - "*" width="14" height="14"> My browser started giving me - ``server not responding'' messages</h3> - - <p>Once your browser is told to use a proxy such as the - Internet Junkbuster, it thinks of it as its server for - everything, so this message means it can't talk to the proxy. - The Internet Junkbuster may not be running, or you may have - specified its proxy address incorrectly. Check that the details - you entered are correct. If you have <code>telnet</code> you - can try connecting to the appropriate port to see if the - Internet Junkbuster is running. If your ISP is running the - Internet Junkbuster, you may want to check with them. If you - are running it yourself under UNIX ®, try looking at a - <code>ps ax</code> to see if it is running. The <a href= - "ijbman.html#o_h">port</a> specified in its options should be - the same one as your browser has configured.</p> - - <h3><a name="idea"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> I've got this great idea for a - new feature. Who do I tell?</h3> - - <p>We'd be very interested to hear it, but please bear a few - things in mind.</p> - - <ol type="1"> - <li><a name="considered"></a>Please check this FAQ to see if - we've already considered the idea, such as automatic - detection of banner ads and replacing ads with something else - such as a transparent GIF.</li> - - <li><a name="confidential"></a>Don't tell us anything you - want to keep confidential or retain some right over.</li> - - <li><a name="wish"></a>We currently have a long wish list of - things that we may or may not do in the near future, - including a version for your favorite computer and a plug-in - version.</li> - - <li><a name="go4it"></a>If you don't want to wait you're - welcome to improve on our code, publish your version on the - Web, and tell us where to find it. Projects that are - especially welcome include a port to the Mac and extensions - for HTTP 1.1. (Meanwhile, be sure your browser is configured - not to use HTTP 1.1.)</li> - </ol> - - <h3><a name="other"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> My question isn't listed here. - Who do I ask for support?</h3> - - <p><a name="harder"></a>If you find using our free product - harder than you're used to for consumer software, there are - many commercial alternatives that you could consider.</p> - - <p><a name="RTM"></a>The answer to detailed technical questions - may be answered in <a href="ijbman.html">manual page</a>, or in - the source code. Also double-check this page for an answer: - using the ``find'' feature on your browser for likely keywords - may help. Our site also has a search feature.</p> - - <p><a name="Use"></a>Many people post requests for help and - responses on Usenet.</p> - - <p><a name="them"></a>If your ISP is providing the Internet - Junkbuster for you, and your question is about how to use it, - check their web page before asking them.</p> - - <p><a name="us"></a>Even though we don't offer the kind of - support you might expect if you paid a lot of money for a - software product, you can still ask us. But before you do, - please consider whether you could ask someone closer to you. - And please be patient if we're slow to reply: we never charge - consumers for our services, so we have to subsidize consumers - with revenue from companies, and our resources are limited.</p> - - <p><a name="quote"></a>If your company or organization would be - interested in a maintenance contract with phone and email - support, hard copy documentation and source code and - pre-compiled binaries on tape or disk, please ask us for a - quote.</p> - - <p align="center"><a href="#top_of_page"><img border="0" src= - "top.gif" alt="--- Back to Top of Page ---" width="250" height= - "15"></a></p> - - <h2><a name="browser"></a>Configuring your browser to talk to - the Internet Junkbuster</h2> - - <h3><a name="address"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> What is the proxy address of the - Internet Junkbuster?</h3> - - <p><a name="localhost"></a>If you set up the Internet - Junkbuster to run on the computer you browse from (rather than - your ISP's server or some networked computer at work), the - proxy will be on <code>localhost</code> (which is the special - name used by every computer on the Internet to refer to itself) - and the port will be <code>8000</code> (unless you have told - the Internet Junkbuster to run on a different port with the <a - href="ijbman.html#listen-address">listen-address</a> option). - So you when configuring your browser's proxy settings you - typically enter the word <code>localhost</code> in the two - boxes next to <b class="eg">HTTP</b> and <b class="eg"> - Secure</b>, and the number <code>8000</code> in the two boxes - labeled to the right of those boxes. <a name="Gopher"></a>The - Internet Junkbuster does not currently handle other protocols - such as Gopher, FTP, or WAIS, so leave those setting unchanged. - Nor does it handle ICQ or Instant Messenger services.</p> - - <p><a name="remote"></a>If your ISP or company is running the - Internet Junkbuster for you, they will tell you the address to - use. It will be the name of the computer it's running on (or - possibly its numeric IP address), plus a port number. Port 8000 - is the default, so assume this number if it is not specified. - Sometimes a colon is used to glue them together, as in <code> - junkbuster.fictitious-pro-privacy-isp.net:8000</code> but with - most browsers you do not type the colon, you enter the address - and port number in separate boxes.</p> - - <h3><a name="set"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How do I tell the browser where - to find the Internet Junkbuster?</h3> - - <p>All current browsers can be told the address of a proxy to - use. You enter the same information in two fields in your - browser's proxy configuration screen (see list below): one for - HTTP, and one for the Secure Protocol (assuming your browser - supports SSL). If you find some information already entered for - your proxy, see the next question. Here are the menus you go - through to get to the proxy configuration settings. (We also - recommend that you disable Java, which is a separate - operation.) <strong>Make notes on the changes you make so you - know how to undo them!</strong> You will need to know what you - did in case you wish to discontinue using the proxy.</p> - - <ol type="1"> - <li><a name="netscape"></a>For Netscape 2.01, 2.02 and 3.0 - [Graphic Illustration]: <b class="eg">Options</b>; <b class= - "eg">Network Preferences</b>; <b class="eg">Proxies</b>; <b - class="eg">Manual Proxy Configuration View ;</b> enter proxy - address details under <b class="eg">HTTP</b> and <b class= - "eg">Security Proxy</b>; click on <b class="eg">OK</b>; click - on the next <b class="eg">OK</b>. [Return to Windows - Installation Procedure]<br> - With Netscape 2.0, follow with <b class="eg">Options</b>, <b - class="eg">Save Options</b>.<br> - <a name="Netscape4.02"></a>With Netscape 4.X series, you - first have to go through <b class="eg">Edit/Preferences</b>. - [Graphic Illustration] Then in the frame on the left, click - on triangle pointing to the right towards the word <b class= - "eg">Advanced</b>; it will switch to a triangle pointing - down; and the words <b class="eg">Cache</b>, <b class="eg"> - Proxies</b> and <b class="eg">Disk Space</b> appear. Click on - <b class="eg">Proxies</b> and the frame on the right will - display a banner saying <b class="eg">Proxies Configure - proxies to access the Internet</b>. Click the radio button - labeled <b class="eg">Manual proxy configuration</b> then - click the button labeled <b class="eg">View</b>; enter proxy - address details under <b class="eg">HTTP</b> and <b class= - "eg">Security Proxy</b>; click on <b class="eg">OK</b>; click - on the next <b class="eg">OK</b>. [Return to Windows - Installation Procedure]</li> - - <li><a name="explorer3"></a>For Internet Explorer 3.0 - [Graphic Illustration]: <b class="eg">View</b>; <b class= - "eg">Options</b>; <b class="eg">Connections</b>; tick <b - class="eg">Connect through proxy server</b> box; <b class= - "eg">Settings</b>; enter proxy address details <b class="eg"> - HTTP</b> Box, with port number in the second box; same with - <b class="eg">Secure</b>; click on <b class="eg">OK</b>. - [Return to Windows Installation Procedure]</li> - - <li><a name="explorer2"></a>For Internet Explorer 2.0: <b - class="eg">View</b>; <b class="eg">Options</b>; <b class= - "eg">Proxy</b>; enter proxy address details click on <b - class="eg">OK</b>. [Return to Windows Installation - Procedure]</li> - - <li><a name="nt"></a>On NT for MS-IE: <b class="eg">Control - Panel</b>; <b class="eg">Internet</b>; <b class="eg"> - Advanced</b>; <b class="eg">Proxy</b>.</li> - - <li><a name="if"></a>For MS-IE 4.0: similar to 3.0: <b class= - "eg">View</b>; <b class="eg">Internet Options</b>; <b class= - "eg">Connection</b>; tick <b class="eg">Access Internet using - a proxy server</b> box; from there we have had reports of - different versions, either click on <b class="eg"> - Advanced</b> or <b class="eg">Settings</b>; enter proxy - address details <b class="eg">HTTP</b> Box, with port number - in the second box; same with <b class="eg">Secure</b>; click - on <b class="eg">OK</b>. Note that 4.0 has <b class="eg"> - Advanced</b> settings to allow HTTP 1.1 through proxies; - these must be disabled because the proxy does not currently - understand HTTP 1.1. Please tell us if you see any other - differences. [Return to Windows Installation Procedure]</li> - - <li><a name="IE5"></a>For MS-IE 5.0: similar to 4.0: <b - class="eg">Tools|Internet Options</b> from the menu bar; <b - class="eg">Connections</b>. Select either dial-up connection - or LAN (depending on how you connect to the Internet); press - <b class="eg">Settings</b>; and check the <b class="eg">Use - Proxy Server</b> box; enter proxy address details in the <b - class="eg">HTTP</b> Box, with port number in the second box; - same with <b class="eg">Secure</b>; click on <b class="eg"> - OK</b> buttons to get out. <em>Note:</em> <a name= - "defaulted"></a>You must also uncheck the HTTP 1.1 checkboxes - at the end of the <b class="eg">Advanced</b> options. This - seems to have been made the default in IE 5.0. [Return to - Windows Installation Procedure]</li> - - <li><a name="level5"></a>For Netscape's level 5 browser, we - have no information. If you do, please tell us.</li> - - <li><a name="mosaic"></a>For NCSA Mosaic for Windows: <b - class="eg">Options</b>, <b class="eg">Preferences</b>, <b - class="eg">Proxy</b>; enter proxy address details under <b - class="eg">HTTP</b>.</li> - - <li><a name="Opera"></a>For Opera: <b class="eg"> - Preferences</b>, <b class="eg">Proxy servers</b>; check the - box next to HTTP; enter the server and port number in the box - on the other side; click on <b class="eg">OK</b>.</li> - - <li><a name="lynx"></a>For Lynx, Mosaic/X, <a href= - "http://monty.cnri.reston.va.us/grail-0.3/">Grail,</a> and - W3O Arena, you can specify the proxy via environment - variables before starting the application. This will probably - be done with something like either<br> - <code>setenv http_proxy - http://localhost:8000/</code><br> - or<br> - <code> - http_proxy=http://junkbuster.fictitious-pro-privacy-isp.net:8000/ - export http_proxy</code><br> - depending on your shell and where the Internet Junkbuster - lives.</li> - </ol> - - <p>If your browser is not listed here, or if you notice an - error, please tell us the correct procedure.</p> - - <h3><a name="already"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> What should I do if I find - another proxy is already configured?</h3> - - <p>Some ISPs and companies require all Web traffic to go - through their proxy. In this case you would find your proxy - configuration with values already set, possibly under <a name= - "Automatic"></a>Automatic Proxy Configuration (in the case of - Netscape and MS-IE 3.0 and above). It's probably a firewall - proxy between your company and the outside world, <a name= - "cache"></a>or a caching proxy if you're using an ISP.</p> - - <p><a name="f"></a>What needs to be done in this case is to use - the <a href="ijbman.html#forwardfile">forwardfile</a> option to - tell the Internet Junkbuster the address of the other proxy. - Specify a different (unused) port number with the <a href= - "ijbman.html#listen-address">listen-address</a> option, and - configure your browser to use that port. If you haven't done - this kind of thing before, it's probably best to consult your - systems administrator or ISP about it; check their web page - first.</p> - - <h3><a name="discontinue"></a><img border="0" src="fb.gif" alt= - "*" width="14" height="14"> What if I want to stop using - the Internet Junkbuster?</h3> - - <p>Just go through the same procedure you used to start your - browser using the Internet Junkbuster, but remove the details - you put in (or if there was something there before, restore - it). You may need to use <b class="eg">Save Options</b> to make - this change permanent. On Netscape 3.0 you can go through <b - class="eg">Options</b>; <b class="eg">Network Preferences</b>; - <b class="eg">Proxies</b> and click on <b class="eg">No - Proxy</b> to turn it off, and later click on <b class="eg"> - Manual Proxy Configuration</b> if you want to start using it - again. (No need to enter the again details under <b class="eg"> - View</b> as you did the first time; they should remain there - unchanged.)</p> - - <p><a name="shut"></a>This stops your browser talking to the - proxy; shutting down the proxy is a different matter.</p> - - <h3><a name="dial"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Automatic dialing isn't working - any more. How do I fix it?</h3> - - <p>Some browsers (such as MSIE-4) can be configured to dial - your ISP automatically when you click on a link, but this - feature (called "automatically connect" or "autoconnect") gets - disabled if you specify a proxy running on your own computer - (with address <code>localhost</code> or <code>127.0.0.1</code>) - because these addresses don't require dialing. The Internet - Junkbuster knows nothing about dialing, so it doesn't work. To - make automatic dialing work, make up a name such as <code> - junkbuster.ijb</code> and use that name in the proxy settings - instead of <code>localhost</code>, and then add the line <code> - 127.0.0.1 junkbuster.ijb</code> to the file <code> - c:\windows\hosts</code> (if there already is a line beginning - with <code>127.0.0.1</code> just add <code> - junkbuster.ijb</code> at the end of it.)</p> - - <p><a name="also"></a>This should also work Netscape - Communicator 4 on machines where IE-4 has been installed.</p> - - <p align="center"><a href="#top_of_page"><img border="0" src= - "top.gif" alt="--- Back to Top of Page ---" width="250" height= - "15"></a></p> - - <h2><a name="local"></a>Setting up the Internet Junkbuster on - your local computer</h2> - - <p>The next two sections assume you wish to compile the code - with your own C compiler. <a name="install"></a>If you just - want to use the <code>.exe</code> file provided for Windows, - see the Windows Installation page.</p> - - <h3><a name="u"></a><img border="0" src="fb.gif" alt="*" width= - "14" height="14"> How do I compile the code under - Unix?</h3> - - <p>If you are running Redhat Linux you may prefer to use the - rpm instead of the following procedure.</p> - - <ol type="1"> - <li><a name="download"></a>First download the tar file - (~286k) <a name="tar"></a>and uncompress and extract the - files from it with this command<br> - <code>uncompress -c ijb20.tar.Z | tar xf - -</code></li> - - <li><a name="sun"></a>If your operating system is from Sun or - HP examine the <code>Makefile</code> and make any changes - indicated inside.</li> - - <li><a name="make"></a>Run<br> - <br> - <code>make</code></li> - - <li> - <a name="defaults"></a>Copy the sample configuration file - (<code>junkbstr.ini</code>, previously called <code> - sconfig.txt</code> and other names in earlier releases) to - some convenient place such as <code> - /usr/local/lib/junkbuster/configfile</code> or whatever you - choose. The sample file has all the options commented out. - You can remove the <code>#</code> character on any that you - want, but it may be better to leave this until to later. - Run it asynchronously:<br> - <br> - <code>junkbuster configfile &</code> - - - <p>If you are running a version earlier than 2.0 you can - start it with <code>junkbuster &</code></p> - </li> - - <li><a name="config"></a>Configure your browser (described - above).</li> - - <li><a name="test"></a>Verify that the Internet Junkbuster is - working (described above).</li> - - <li><a name="restart"></a>Decide on the options you really - want, <code>kill</code> the process and start it again. The - most popular option is <a href="ijbman.html#blockfile"> - blockfile</a> to block ads. <a name="comprehensive"></a>A - sample blockfile is provided as an illustration, but it - doesn't really stop many ads. More comprehensive ones are - available elsewhere.</li> - - <li><a name="rc"></a>You'll probably want to add an entry to - <code>/etc/rc.d/rc.local</code> or equivalent to start it at - boot time. (Any output you specify should be redirected to a - file. And don't forget the & at the end to run it - asynchronously or your system will seize up after the next - reboot.)</li> - </ol> - - <h3><a name="win"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How do I compile the code under - Windows?</h3> - - <p>A <code>.exe</code> file (binary) is supplied with the - source code, but if you prefer to compile it yourself here is - the likely procedure. Most of these steps are repeated in our - checklist for installation under Windows.</p> - - <ol type="1"> - <li><a name="zip"></a>First click here to download the zip - file called <code>ijb20.zip</code> (~208k), then uncompress - and unpack the zip archive using a tool like WinZip.</li> - - <li><a name="change"></a>Now the distribution (source and - sample files) will be in a folder called <code>ijb20</code>. - Go into that folder and then edit the Makefile for your - system, removing the comment character (<code>#</code>) in - the lines related to Win32. Then type:<br> - <code>nmake</code><br> - This should create an executable called <code> - junkbstr.exe</code>. <a name="compilers"></a>For information - on issues with various compilers, see the Distribution - Information page.</li> - - <li> - <a name="attempt"></a>Run the executable with the - command:<br> - <code>junkbstr</code><br> - <a name="terminal"></a>(Click on the icon with that name - that looks like a terminal, not like a notepad.) The - program will produce a message indicating that it has - started and is ready to serve. - - <p><a name="ini"></a>(Version 2.0.1 and above uses the file - <code>junkbstr.ini</code> as the config file if it exists - and no argument was given. If you have an earlier version - or if you want it to use a different config file, simply - specify that file as the argument.)</p> - </li> - - <li><a name="configures"></a>Configure your browser - (described above).</li> - - <li><a name="work"></a>Check the proxy is working (described - below).</li> - - <li> - <a name="shortcut"></a>To have the proxy start itself - automatically when you login to Win95, drop the - ``shortcut'' to the <code>junkbstr</code> executable into - the StartUp folder:<br> - <code>C:\Windows\Start - Menu\Programs\StartUp</code><br> - You might want to change the shortcut's <code> - Properties->Shortcut</code> to <code>Run: - Minimized</code>. If you specify the <a href= - "ijbman.html#hide-console">hide-console</a> option then the - DOS window will vanish after it starts. - - <p><a name="NT"></a>WinNT users can put it into their own - StartUp folders or the Administrator can put it into the - system's global StartUp folder. For details on how to make - this a service under NT see our Windows page.</p> - </li> - </ol> - - <h3><a name="check"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How do I check that the proxy is - working?</h3> - - <p>Pick a page from somewhere (such as your bookmarks, or just - one that your browser was pointing to) and <b class="eg"> - Reload</b> it. If you get a message along the lines of ``server - not responding, using cached copy instead,'' see the advice - above. If the page reloads OK, check that your browser is - actually talking to the proxy by going to - http://internet.junkbuster.com/cgi-bin/show-proxy-args or any - URL ending in <code>show-proxy-args</code> (as described below, - the proxy should intercept the request.) When you see - ``Internet Junkbuster Proxy Status,'' you'll know it's - working.</p> - - <h3><a name="chain"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How and why would I have this - proxy chained with other proxies?</h3> - - <p>You may need the <a href="ijbman.html#forwardfile"> - forwarding</a> feature to ``daisy chain'' the Internet - Junkbuster to another proxy, perhaps an anonymizing proxy to - conceal your IP address, or a caching proxy from your ISP, or a - firewall proxy between your company and the outside world. - Version 2.0 and above can be even configured to forward <a - href="ijbman.html#forwardfile">selectively</a> according to the - URL requested: for example, connecting directly to trusted - hosts, but going through an anonymizing or firewall proxy for - all other hosts.</p> - - <p><a name="administrator"></a>Network administrators might use - it to provide transparent access to multiple networks without - modifying browser configurations. <a name="direct"></a>Most - browsers also provide a way of specifying hosts that the - browser connects to directly, bypassing the proxy. Some provide - a method for Automatic Proxy Configuration. A well written - Internet Junkbuster configuration can be much more flexible and - powerful.</p> - - <p><a name="example"></a>An ISP's caching proxy would typically - be called something like <code>cache.your-isp.net:8080</code> - (as described on you ISP's web page); you would put this - information in your <a href="ijbman.html#forwardfile"> - forwardfile</a> as described in our manual. Your browser would - be configured to the Internet Junkbuster for HTTP and Security - Proxies as before, but you probably want to tell it to use the - caching proxy for FTP and other protocols. <a name="nonlocal"> - </a>If your ISP is running the Internet Junkbuster for you, - they have probably already decided whether to chain with a - caching proxy.</p> - - <h3><a name="socks"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How does the Internet Junkbuster - work with SOCKS gateways?</h3> - - <p>There is support for some gateways in Version 1.4 and above. - The gateway protocol used to be specified on the command line; - it is now specified in the same file as <a href= - "ijbman.html#forwardfile">forwarding.</a> Note that the - browser's proxy configuration must <em>not</em> specify a - <code>SOCKS</code> host; it should specify the proxy as - described above.</p> - - <h3><a name="plain"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How do I configure it to be just - a plain old proxy?</h3> - - <p>To get the proxy to do as little as possible (which means - not deleting any sensitive headers), place in your - configuration file the following three lines (each ending in a - space then a period) to stop it changing sensitive headers:<br> - <code>referer .</code><br> - <code>from .</code><br> - <code>user-agent .</code><br> - <code>cookiefile mycookiefile</code><br> - The fourth line is also needed to specify a <a href= - "ijbman.html#o_c">cookiefile</a> that might be called <code> - mycookiefile</code> containing a single line with a <code> - *</code> character, to allow all cookies through.</p> - - <h3><a name="shutdown"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How do I shut down the proxy (to - restart it)?</h3> - - <p>It depends on your platform.</p> - - <ol type="1"> - <li><a name="X"></a>Under Windows, you can click on the "X" - button at the top right of the DOS window (and answer <b - class="eg">Yes</b> when Windows warns you it cannot shut down - the program automatically), or use <b class="eg"> - Ctrl-Break</b> or the old three-fingered salute of <b class= - "eg">Ctrl-Alt-Delete</b> and select <b class="eg">End - Task</b>.</li> - - <li><a name="ps"></a>Under UNIX ® you'll need to <code> - kill</code> the <b><code>junkbuster</code></b> process. <a - name="pid"></a>If you don't know the process number to give - to <code>kill</code>, try this:<br> - <code>ps ax | grep junkbuster</code></li> - </ol> - - <p align="center"><a href="#top_of_page"><img border="0" src= - "top.gif" alt="--- Back to Top of Page ---" width="250" height= - "15"></a></p> - - <h2><a name="companies"></a> Information for companies</h2> - - <h3><a name="think"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> What do advertising companies - think of this kind of technology?</h3> - - <p>We've seen only a few public comments from the advertising - industry on this, other than SEC filings. First, the president - of the Internet Advertising Bureau told CNET that he wasn't - worried by banner blockers. Second, after the Federal Trade - Commission's workshop where we gave a live demonstration of our - proxy before many eminent representatives of the industry, the - Direct Marketing Association made the following statement in - the closing paragraphs of their summary comments to the - Commission.</p> - - <blockquote> - Clever shareware developers have come up with products that - can obliterate cookies and advertisements for those consumers - who have these concerns. The Internet is a market that is so - democratic and flexible that it is easy for companies and - software developers to respond to a perceived market need. - </blockquote> - - <p>Their attitude seems to be that they would prefer that - people use technical solutions to protect their privacy than - have protections imposed by legislation or government - regulations. So, do you perceive a market need? Then here are - some ways to flex your democratic muscles.</p> - - <h3><a name="nobrainer"></a><img border="0" src="fb.gif" alt= - "*" width="14" height="14"> Should we provide the - Internet Junkbuster for our employees?</h3> - - <p>That depends. Try this quick three-point test.</p> - - <ol type="1"> - <li><a name="waste"></a>Do you want to spend your - communications budget on bandwidth that wastes your - employees' time by forcing them to wait for a lot of annoying - distractions while they're trying to do their jobs?</li> - - <li><a name="surveillance"></a>Do you want current and - potential vendors to know quantitative details about the - software and hardware platforms that you have?</li> - - <li><a name="intelligence"></a>Do you want your competitors - to be able to track exactly which of your employees are - checking out their web sites?</li> - </ol> - - <p>If the answer to all three questions is yes, then you - probably don't have any need for this kind of product.</p> - - <h3><a name="commercial"></a><img border="0" src="fb.gif" alt= - "*" width="14" height="14"> Can our company get - commercial support for the software?</h3> - - <p>Yes, ask us for a quote on a maintenance contract with your - choice of phone and email support, hard copy documentation, - source code and pre-compiled binaries on tape or disk, and - email alerting of upgrades and issues. We also offer consulting - services to help set up ``stealth browsing'' capabilities to - help reduce the footprints left while doing competitive - analysis and other Web work where confidentiality is - critical.</p> - - <h3><a name="isps"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> I run an ISP. What issues should - I consider before offering it?</h3> - - <p>Many ISPs who offer the proxy to their customers have told - us that most of their customers are delighted with it (although - one reported that a customer complaint that without banner ads, - surfing was like reading a novel: we recommend making it - optional). Many ISPs like it because it reduces bandwidth - requirements. To help get you started, here's a checklist we've - developed from working with a few ISPs. You may think of more, - and we'd be interested if you're willing to share them with - us.</p> - - <ol type="1"> - <li><a name="pending"></a>If you get more than one request - for the Internet Junkbuster you may want to tell your - customers on your News page that you already know about it - and are assessing it.</li> - - <li><a name="try"></a>Try the software and verify that it - performs satisfactorily.</li> - - <li><a name="value"></a>Determine whether your customers - perceive the service as valuable (and therefore worth the - time to set up). We've had reports of many delighted - customers.</li> - - <li><a name="secure"></a>Assess the level of security - associated with the software. If access is to be restricted - (to just dial-in ports, for example) how is this to be - done?</li> - - <li><a name="costs"></a>Consider whether to expect any - additional load on computing resources required, and any - change in use of bandwidth due to the blocking of large - GIFs.</li> - - <li><a name="opt"></a>Choose the <a href="ijbman.html"> - options</a> you wish to provide.</li> - - <li> - <a name="multiple"></a>Decide whether you want to offer a - choice of configurations, such some of these four. - - <ol type="A"> - <li><a name="banner"></a>Banners Blocked, Wafer with - No-Cookie-Copyright notice</li> - - <li><a name="low"></a>Cookies not stopped (<a href= - "ijbman.html#cookiefile">cookiefile</a> with just a - <code>*</code> in it), User Agent specified as Lynx</li> - - <li><a name="oneway"></a>Cookies from browser allowed, - permitting registered services</li> - - <li><a name="kid"></a>A proxy for kids.</li> - </ol> - <a name="caching"></a>If you run a caching proxy, decide - whether the Internet Junkbuster will chain with it by - default, and whether to offer an alternate with no caching. - (Some ISPs don't, because they want to give customers an - incentive to use caching and save bandwidth.) - </li> - - <li><a name="naming"></a>Decide on a naming scheme for your - proxies. If you're running only one proxy on one machine, the - simplest way is to just use port 8000 on your main machine, - such as <code>our-isp.net.</code> But it would probably be - safer to put an entry in your name server and call it - something like <code>junkbuster.our-isp.net.</code> If - running several proxies, you could either use different ports - on the same machine, or if you have the opportunity to - distribute the load over a few machines you could use - different hostname aliases such as <code> - banner.junkbuster.our-isp.net</code>, <code> - lynx.junkbuster.our-isp.net</code> and <code> - oneway.junkbuster.our-isp.net</code> (corresponding to the - examples in the previous point). You may want to set up - Automatic Proxy Configuration.</li> - - <li> - <a name="document"></a>Prepare a page explaining the - Internet Junkbuster to your customers. <a name="does"></a> - Here's are some examples from Australia, Germany, Florida, - New York/New Jersey/Pennsylvania, North Carolina, Texas, - and Utah. <a name="reuse"></a>You are welcome to copy and - modify material from Junkbusters according to the GPL. You - might want to set up a process to check this page - periodically and update it when it changes. (A few links - can probably serve as well as lot of copying however.) A - typical page would probably specify the following. - - <ol type="1"> - <li><a name="abstract"></a>A brief explanation stating - what the Internet Junkbuster does, with a link to this - page.</li> - - <li><a name="addresses"></a>The addresses of the proxy or - proxies, with their port number(s).</li> - - <li><a name="options"></a>The options used, and how to - view the contents of the blockfile (which you can place - on your web pages, preferably in a file called <code> - blocklist.html</code> or <code> - blocklist.txt</code>).</li> - - <li><a name="additions"></a>An indication of whether - suggestions for the blocklist are considered, and if so, - how to submit them: to a particular email address, via - web-based form, etc.</li> - - <li><a name="configuration"></a>Instructions on how to - configure a browser. You may want to include details for - only the two major browsers and leave the others to a - link.</li> - - <li><a name="service"></a>Procedures on how to report - problems, give feedback etc.</li> - </ol> - </li> - - <li><a name="beta"></a>Invite a small number of - technologically sophisticated customers to beta-test the - service.</li> - - <li><a name="announce"></a>Announce general availability on - your ``News'' page. Tell us if you would like to be included - on a list of ISPs offering the Internet Junkbuster.</li> - </ol> - - <p align="center"><a href="#top_of_page"><img border="0" src= - "top.gif" alt="--- Back to Top of Page ---" width="250" height= - "15"></a></p> - - <h2><a name="blocking"></a> Blocking</h2> - - <h3><a name="readymade"></a><img border="0" src="fb.gif" alt= - "*" width="14" height="14"> Where can I get an example - blockfile that stops most ads?</h3> - - <p>The sample blockfile we provide blocks almost nothing, and - we do not publish blockfiles that stop almost all banner ads. - But others have; you can find them by asking Google. You can - add any part of the new file to your old one (probably called - <code>sblock.ini</code> if you haven't changed the default name - in the latest version) or your just replace it completely. You - probably don't need to restart the proxy.</p> - - <p><a name="pub"></a>If you develop an interesting blocklist - and publish it on the Web, you might want to include the word - ``junkbuster'' in it and use the word ``blocklist'' in the file - name given in the URL so that others can find it with the query - given in the previous sentence.</p> - - <h3><a name="zap"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> If I see an ad I wish I hadn't, - how do I stop it?</h3> - - <p>If your ISP is running the Internet Junkbuster, they should - have a policy on whether they accept suggestions from their - customers on what to block. Consult their web page.</p> - - <p><a name="cover"></a>If you are running the Internet - Junkbuster yourself, you have complete control over what gets - through. Just add a pattern to cover the offending URL to your - blockfile. Version 1.3 and later automatically rereads the - blockfile when it changes, but if you're running an earlier - version you'll have to stop it and restart it.</p> - - <p><a name="target"></a>To choose a pattern you'll first need - to find the URL of the ad you want cover.</p> - - <p><a name="pinpoint"></a>Some people use the <a href= - "ijbman.html#debug">debug</a> <code>1</code> option to display - each URL in a window as the request is sent to the server. It's - then usually an easy task to pick the offending URL from the - list of recent candidates.</p> - - <p><a name="source"></a>Alternatively, you can use <b class= - "eg">View Document Info</b> (or <b class="eg">View Document - Source</b> if your browser doesn't have that). The <b class= - "eg">Info</b> feature has the advantage of showing you the full - URL including the host name, which may not be specified in the - source: there you might see something like <code> - SRC="/ads/click_here_or_die.gif"</code> indicating only the <i> - <dfn>path</dfn></i>. (The host name is assumed to be the same - as the one the page came from.)</p> - - <p><a name="offsite"></a>But ads often come from a different - site, in which case you might see something like <code> - SRC="grabem.n.trackem.com/Ad/Infinitum/SpaceID=1666"</code> or - longer. <a name="warehouse"></a>If the company looks like a - pure ad warehouse (as in the last case), you may want to place - just its domain name in the blockfile, which blocks all URLs - from that site.</p> - - <p><a name="wanted"></a>If the ad comes from a server that you - really want some content from, you can include enough of the - path to avoid zapping stuff you might want. In the first - example above, <code>/ads/</code> would seem to be enough. If - you don't include the domain name, the pattern applies to all - sites, so you don't want such patterns to be too general: for - example <code>/ad</code> would block <code> - /admin/salaries/</code> on your company's internal site.</p> - - <p><a name="image"></a>To speed the blocking of images, some - UNIX ® users create a shell script called <code> - Image:</code> containing a line such as <code>echo $1 | sed - s/http:..// >> $HOME/lib/blockfile</code> that adds its - argument to the user's blockfile. Once an offending image has - been be found using <b class="eg">View Document Info</b> it's - easy to cut-and-paste the line (or part of it) into a shell - window. The same script can be linked to a file called <code> - Frame:</code> to dealing with framed documents, and <code> - junkbuster:</code> to accept the output of the <a href= - "ijbman.html#debug">debug</a> option.</p> - - <p><a name="partial"></a>When compiled without the <i><dfn> - regular expressions</dfn></i> option, the Internet Junkbuster - uses only very simple (and fast) matching methods. The pattern - <code>/banners</code> will not stop <code> - /images/banners/huge.gif</code> getting through: you would have - to include the pattern <code>/images/banners</code> or - something that matches in full from the left. <a name="regex"> - </a>So you can get what you want here, the matcher understands - POSIX regular expressions: you can use <code> - /*.*/banners</code> to block and any URL containing <code> - /banners</code> (even in the middle of the path). <a name= - "posix"></a>(In Versions 1.1 through 1.4 they were an option at - compile time; from Version 2.0 they have become the default.) - Regular expressions give you many more features than this, but - if you're not already familiar with them you probably won't - need to know anything beyond the <code>/*.*/</code> idiom. If - you do, a <code>man egrep</code> is probably a good starting - point).</p> - - <p><a name="slash"></a>Don't forget the <code>/</code> (slash) - at the beginning of the path. If you leave it out the line will - be interpreted as a domain name, so <code>ad</code> would block - all sites from Andorra (since <code>.ad</code> is the - two-letter country code for that principality).</p> - - <p><a name="detail"></a>For a detailed technical description of - how pattern matching is done, see the <a href= - "ijbman.html#o_b">manual.</a></p> - - <h3><a name="despite"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> How come this ad is still getting - through anyway?</h3> - - <p>If the ad had been displayed before you included its URL in - the blockfile, it will probably be held in cache for some time, - so it will be displayed without the need for any request to the - server. Using the <a href="ijbman.html#debug">debug</a> <code> - 1</code> option to show each URL as it is fetched is a good way - to see exactly what is happening.</p> - - <p><a name="otherwise"></a>If new items seem to be getting - through, check that you are really running the proxy with the - right blockfile in the options. Check the blockfile for - exceptions.</p> - - <p><a name="java"></a>Some sites may have different ways of - inserting ads, such as via Java. If you have ideas on how to - block new kinds of junk not currently covered, please tell - us.</p> - - <h3><a name="exceptions"></a><img border="0" src="fb.gif" alt= - "*" width="14" height="14"> How do I stop it blocking a - URL that I actually want?</h3> - - <p>You can change the patterns so they don't cover it, or use a - simple feature in Version 1.1 and later: a line beginning with - a <code>~</code> character means that a URL blocked by previous - patterns that matches the rest of the line is let through. For - example, the pattern <code>/ad</code> would block <code> - /addasite.html</code> but not if followed by <code> - ~/addasite</code> in the blockfile. Or suppose you want to see - everything that comes from a site you like, even if it looks - like an ad: simply put <code>~aSiteYouLike.com</code> at the - <em>end</em> of the blockfile. (Order is important, because the - last matching line wins.)</p> - - <p><a name="agreed"></a>As well as unblocking pages that were - unintentionally blocked, this feature is useful for unblocking - ads from a specific source. This might be because you are - interested in those particular ones, or if you have an explicit - agreement to accept certain ads, such as those from a free - web-based email provider.</p> - - <p><a name="blocked"></a>If you want to find out exactly which - pattern in the blockfile a given URL matched, just click on the - words ``Internet Junkbuster'' which are displayed alone on a - page when your browser requests a blocked URL. The proxy - displays a message that pinpoints the pattern for you.</p> - - <h3><a name="children"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Can I block sites I don't want my - children to see?</h3> - - <p>Yes, but remember that <a name="savvy"></a>children who are - technically sophisticated enough to use the browsers' proxy - configuration options could of course bypass any proxy. This - kind of technology can be used as a gentle barrier to remind or - guide the child, but nobody should expect it to replace the - parent's role in setting and enforcing standards of online - behavior for their children.</p> - - <p><a name="recommend"></a>Some ISPs are starting to provide - specialized proxies to protect children. There are two basic - approaches: the ``black list'' and the ``white list'' approach. - <a name="negative"></a>The black list approach allows the child - to go anywhere not explicitly prohibited; the white list - permits visits only to sites explicitly designated as - acceptable.</p> - - <p><a name="positive"></a>It's very easy for anyone to compile - a white list from a page of ``recommended kids sites'' and to - configure an Internet Junkbuster to allow access to those sites - only. (If you publish such a list on the web, please tell us - its URL). Assuming your version isn't an old one without regex, - you can place a <code>*</code> (asterisk) as the first line of - the blockfile (which blocks everything), and then list - exceptions after that. Be careful to make the exception - sufficiently broad: for example, using <code> - ~www.uexpress.com/ups/comics/ch/</code> as the exception for - <cite>Calvin and Hobbes</cite> would block some of the graphic - elements on the page; you would probably want a wider exception - such as <code>~www.uexpress.com/ups/</code> to permit them.</p> - - <p><a name="trust"></a>Version 2.0 has an experimental feature - to permit only sites mentioned in a nominated <a href= - "ijbman.html#trustfile">trusted site.</a> This allows - organizations to build lists of sites for kids to browse, and - the software automatically restricts access to those on the - list.</p> - - <p><a name="scan"></a>Many filtering products actually scan for - keywords in the text of pages they retrieve before presenting - it, but the Internet Junkbuster does not do this. Building a - perfectly reliable black list system is hard, because it's very - difficult to state in advance exactly what is obscene or - unsuitable. For more info see our links page.</p> - - <h3><a name="message"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> What do I see when a page or - graphic is blocked by the proxy?</h3> - - <p>You usually see a broken image icon, but it depends on - several factors beyond the proxy's control. If asked for a URL - matching its blockfile, the proxy returns an HTML page - containing a message identifying itself (currently the two - words ``Internet Junkbuster'') with a status 202 (Accepted) - instead of the usual 200 (OK). (Versions 1.X returned an error - 404: Forbidden, which caused strange behavior in some cases.) - Status 202 is described in the HTTP RFC as indicating that the - request has been accepted but not completed, and that it might - complete successfully in the future (in our case, if the - blockfile were changed).</p> - - <p><a name="depends"></a>The broken image icon is most common - because the browser is usually expecting a graphic. But if it - was expecting text, or if the page happens to be using certain - HTML extensions such as <code>layer</code> and your browser is - a late model from Microsoft, you may see the words ``Internet - Junkbuster'' displayed as a hot link.</p> - - <p><a name="click"></a>Clicking on the link takes you to an - explanation of the pattern in the blockfile that caused the - block, so that you can edit the blockfile and go back and - reload if you really want to see what was blocked. The - explanatory link is generated by the proxy and is automatically - intercepted based on its ending in <code>ij-blocked-url</code>; - even though the site is specified as <code> - http://internet.junkbuster.com</code> no request should - actually made to that site. If one is, it means that the proxy - was been removed after it generated the link.</p> - - <p><a name="layer"></a>To summarize: the identifying link to - the blocking explanation is usually turned into a broken image - icon, but it may be displayed on a page alone, or they may may - be restricted to the particular frame, layer or graphic area - specified in the page containing them. The proxy has no way of - knowing the context in which a URL will be used and cannot - control how the blocking message will be rendered.</p> - - <h3><a name="broken"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Why not replace blocked banners - with something invisible?</h3> - - <p><a name="infringe"></a>Many users have suggested to us that - blocked banners should be replaced by a something like a 1x1 - transparent GIF to make the page would look as if there was - nothing ever there. Apart from making it harder to catch - unintended blocking, this might also displease the owners of - the page, who could argue that such a change constitutes a - copyright infringement. We think that merely failing to allow - an included graphic to be accessed would probably not be - considered an infringement: after all this is what happens when - a browser is configured not to load images automatically. - However, we are not lawyers, so anyone in doubt should take - appropriate advice.</p> - - <p><a name="done"></a>In a context where the copyright issue is - resolved satisfactorily, a proxy could simply return a status - 301 or 302 and specify a replacement URL in a <code> - Location</code> and/or <code>URI</code> header. An alternative - would be to use inline code to return a 1 x 1 clear GIF. We do - not publish sample code for this, and we have no way of - stopping others who have.</p> - - <h3><a name="size"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Why not block banners based on - the dimensions of the image?</h3> - - <p>Many users have pointed out that most banner ads come in - standard sizes, so why not block all GIFs of those sizes? This - would theoretically be without fetching the object because the - dimensions are usually given in the <code>IMG</code> tag, but - it would require substantial changes in the code, and we doubt - whether it would be much more effective than a good block - list.</p> - - <h3><a name="embedded"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> What about non-graphic - advertising within the pages I want?</h3> - - <p>The Internet Junkbuster deliberately does not provide a way - of automatically editing the contents of a page, to remove - textual advertising or to repair the holes left by blocked - banners. Other packages such as WebFilter do.</p> - - <p><a name="base"></a>For the same reason, it has no way of - stopping a new browser window being created, because this is - done through the <code>target</code> attribute in the <code> - <a></code> and <code><base></code> elements, not - through headers. Nor do we plan to add a feature to paralyze - animated GIFs.</p> - - <h3><a name="push"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Does it block ads on the - broadcasting ``push'' systems? How about pop-up ads?</h3> - - <p>We haven't tried it but we expect it would probably work on - image ads on push channels. See also adchoice.</p> - - <p><a name="pop"></a>Disabling Javascript stops some pop-up - ads. One problem is that some advertisers throw open a new - browser window to frame the ad. The ad is easily blocked, but - the empty window remains. You can kill it easily, but this is a - chore. We don't see how to stop them other than editing the - HTML from the parent window, which we don't like to do.</p> - - <p><a name="TBTD"></a>The TBTF newsletter warned subscribers to - push information that <a name="LOGTARGET"></a>in IE4, LOGTARGET - allows servers to determine the URLs viewed at their site even - if accessed from cache or through a proxy. If you use this - browser see our instructions on how to disable this.</p> - - <p><a name="pushy"></a>If you find you have experience using - the proxy with push, or have any other advice about it, please - tell us.</p> - - <p align="center"><a href="#top_of_page"><img border="0" src= - "top.gif" alt="--- Back to Top of Page ---" width="250" height= - "15"></a></p> - - <h2><a name="cookies"></a> Cookies</h2> - - <p>For background information on cookies see our page - describing their dangers.</p> - - <h3><a name="breakthrough"></a><img border="0" src="fb.gif" - alt="*" width="14" height="14"> Might some cookies still - get through? How can I stop them?</h3> - - <p>Yes, you should expect the occasional cookie to make it - through to your browser. We know of at least three ways this - can happen; please tell us if you find any others. One way is - in secure documents, which are explained below.</p> - - <p><a name="EQUIV"></a>A few sites set cookies using a line - such as <code><META HTTP-EQUIV="Set-Cookie" - CONTENT="flavor=chocolate"></code> in the <code>HEAD</code> - section of an HTML document. <a name="javascript"></a>Cookies - can also be - <!-- IEM: http://cgi.netscape.com/eng/mozilla/Gold/handbook/javascript/ref_a-c.html#cookie_property --> - set and read in JavaScript. To see if this is happening in a - document, view its source, look in the <code>head</code> for a - section tagged <code>script language="JavaScript"</code>. If it - contains a reference to <code>document.cookie</code>, the page - can manipulate your cookie file without sending any cookie - headers. The Internet Junkbuster does not tamper with these - methods. Fortunately they are rarely used at the moment. If a - cookie gets set, it should be stopped by the proxy on its way - back to the server when a page is requested, but it can still - be read in Javascript.</p> - - <p><a name="alert"></a>To prevent cookies breaking through, - <strong>always</strong> keep cookie alerts turned on in your - browser, and disable Java and Javascript. Making the files hard - to write may also help.</p> - - <h3><a name="method"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Exactly how do cookies get - created and stored anyway?</h3> - - <p>When a web site's server sends you a page it also sends - certain ``header information'' which your browser records but - does not display. One of these is a <code>Set-Cookie</code> - header, which specifies the cookie information that the server - wants your browser to record. Similarly, when your browser - requests a page it also sends headers, specifying information - such as the graphics formats it understands. If a cookie has - previously been set by a site that matches the URL it is about - to request, your browser adds a <code>Cookie</code> header - quoting the previous information.</p> - - <p><a name="privacy"></a>For more background information on how - cookies can damage your privacy, see our page on cookies. For - highly detailed technical information see the RFC. The Internet - Junkbuster will show you all headers you use the <a href= - "ijbman.html#debug">debug</a> <code>8</code> option, or you can - get a sample from our demonstration page.</p> - - <h3><a name="break"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> If cookies can't get through, - will some things stop working for me?</h3> - - <p>Possibly. Some personalized services including certain - <!-- IEM: http://my.yahoo.com --> chat rooms require cookies. - <a name="registration"></a>Newspapers that require - <!-- IEM: http://www.nytimes.com/subscribe/sub-bin/new_sub.cgi#agree --> - registration or - <!-- IEM: http://interactive5.wsj.com/regUser.html --> - subscription will not automatically recognize you if you don't - send them the cookie they assigned you. And there are a very - small number of sites that do strange things with cookies; they - don't work for anyone that blocks cookies by any means. Some - sites such as Microsoft explain that their content is so - wonderfully compelling that they will withhold it from you - unless you submit to their inserting cookies.</p> - - <p><a name="hotmail"></a>Many free Web-based email services - require cookies. Hotmail also seems to require allowing both - <code>msn.com</code> and <code>passport.com</code> to set - cookies.</p> - - <p><a name="want"></a>If you want such sites to be given your - cookies, you can use the <a href="ijbman.html#cookiefile"> - cookiefile</a> option provided you are running Version 1.2 or - later yourself. Simply include the domain name of those sites - in the <i>cookiefile</i> specified by this option. If it still - doesn't work, the problem may be in other headers.</p> - - <p><a name="one"></a>It's possible to let cookies out but not - in, which is enough to keep some sites happy, but not all of - them: one newspaper site seems to go into an endless frenzy if - deprived of fresh cookies. A cookiefile containing a single - line consisting of the two characters <code>>*</code> - (greater-than and star) permits server-bound cookies only. The - <code>*</code> is a <a href="ijbman.html#wildcard">wildcard</a> - that matches all domains.</p> - - <p><a name="else"></a>If someone else is running the Internet - Junkbuster for you and has a version that - <!-- IAM: ijbfaq.html#registration --> passes server-bound - cookies through, you can try editing your browser's cookie file - to contain just the ones you want, and restart your browser. <a - name="window"></a>To subscribe to a new service like this after - you have started using the Internet Junkbuster, you can try the - following: tell your browser to stop using the Internet - Junkbuster, fill out and submit your subscription details - (allowing that web site to set a cookie), then reconfigure your - browser to use the Internet Junkbuster again (and stop more - cookies being sent). This also requires the <a href= - "ijbman.html#cookiefile">cookiefile</a> option, and its success - depends on the Web site not wanting to change your cookies at - every session. For this reason it does not work at some major - newspaper sites, for example. <a name="buyers"></a>But you may - prefer to look at whether other sites provide the same or - better services without demanding the opportunity to track your - behavior. The web is a buyer's market where most prices are - zero: very few people pay for content with money, so why should - you pay with your privacy?</p> - - <h3><a name="crumble"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Can I control cookies on a - per-site basis?</h3> - - <p><a name="discard"></a>Yes, since version 1.2 the Internet - Junkbuster has included advanced cookie management facilities. - Unless you specify otherwise, cookies are discarded - (``crumbled'') by the Internet Junkbuster whether they came - from the server or the browser. In Version 1.2 and later you - can use the <a href="ijbman.html#cookiefile">cookiefile</a> - option to specify when cookies are to be passed through intact. - It uses the same syntax and <a href="ijbman.html#o_b"> - matching</a> algorithm as the blockfile.</p> - - <p><a name="cook"></a>If the URL matches a pattern in the <i> - <dfn>cookiefile</dfn></i> then cookies are let through in both - the browser's request for the URL and in the server's response. - <a name="directional"></a>One-way permissions can be specified - by starting the line with the <code>></code> or <code> - <</code> character. For example, a cookiefile consisting of - the four lines<br> - <code>org</code><br> - <code>>send-user-cookies.org</code><br> - <code> - <accept-server-cookies.org</code><br> - <code>~block-all-cookies.org</code><br> - allows cookies to and from <code>.org</code> domains only, - with the following exceptions:<br> - </p> - - <ol type="1"> - <li><a name="fed"></a>Cookies sent from servers in the domain - <code>send-user-cookies.org</code> are blocked on their way - to the client, but cookies sent by the browser to that domain - are still be fed to them.</li> - - <li><a name="take"></a>The cookies of <code> - accept-server-cookies.org</code> check in to the proxy and - are passed through to the browser, but when they come back to - the proxy they never check out.</li> - - <li><a name="deny"></a>All cookies to and from <code> - block-all-cookies.org</code> are blocked.</li> - </ol> - - <p><a name="paths"></a>If the <b><code>junkbuster</code></b> - was compiled with the regular expressions option they may be - used in paths. Any logging to a ``cookie jar'' is separate and - not affected.</p> - - <p><a name="breadth"></a>It's important to give hosts you want - to be able to set cookies sufficient breadth. For example, - instead of <code>www.yahoo.com</code> use <code> - yahoo.com</code> because the company uses many different hosts - ending in that domain.</p> - - <h3><a name="wafers"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Can I make up my own fake cookies - (wafers) to feed to servers?</h3> - - <p>Yes, using the <a href="ijbman.html#wafer">wafer</a> option. - We coined the term <i><dfn>wafer</dfn></i> to describe cookies - chosen by a user, not the Web server. Servers may not find - wafers as tasty as the cookies they make themselves. But users - may enjoy controlling servers' diets for various reasons, such - as the following.</p> - - <ol type="1"> - <li><a name="retaliate"></a>Users who consider cookies to be - an unwelcome intrusion and a waste of their disk space can - respond in kind. By writing ``signature wafers'' they can - express their feelings about cookies, in a place that the - people in charge of them are most likely to notice.</li> - - <li> - <a name="notice"></a>Sites running a proxy that logs - cookies to a file (such as the Internet Junkbuster does - with the <a href="ijbman.html#jarfile">jarfile</a> option - on) may want to notify servers that their cookies are being - intercepted, deleted or copied. One possible reason for - doing this is the uncertain copyright status of cookie - strings. Nothing here should be taken as legal advice: we - are simply raising a question for any interested parties to - consider, and make no representation that such measures are - necessary or sufficient. Concerned proxy sites might decide - to send a wafer (named ``NOTICE'' for example) containing - text along the lines of the following. - - <blockquote> - <p><a name="licenses_on_cookies_refused"></a>TO WHOM IT - MAY CONCERN<i><br> - <br> - Do not send me any copyrighted information other than - the document that I am requesting or any of its necessary - components.<br> - <br> - In particular do not send me any cookies that are - subject to a claim of copyright by anybody. Take notice - that I refuse to be bound by any license condition - (copyright or otherwise) applying to any cookie.</i></p> - </blockquote> - Any company that tries to argue in court that the proxy - site was breaching their copyright in the cookies would be - met with the defense that the proxy site gave that company - the opportunity to protect its copyright by simply not - sending cookies after receiving the notice. - - <p><a name="pointer"></a>Cookies can be as long as four - thousand characters, so there's plenty of space for - lawyerly verbosity, but white space, commas, and - semi-colons are <a href="ijbman.html#o_w">prohibited.</a> - Spaces can be turned into underscores. Alternatively, a URL - could be sent as the cookie value, pointing to a document - containing a notice, perhaps with a suggestive value such - as<br> - <code> - http://www.junkbusters.com/ht/en/ijbfaq.html#licenses_on_cookies_refused</code><br> - - But including the notice directly would probably be - preferable because the addressee does not have to look it - up.</p> - - <p><a name="vanilla"></a>The Internet Junkbuster 2.0.2 - currently sends a full notice as a ``vanilla wafer'' if - cookies are being logged to a cookie jar and no other - wafers have been specified. It can be suppressed with the - <a href="ijbman.html#suppress-vanilla-wafer"> - suppress-vanilla-wafer</a> option, which might be used in - situations where there is an established understanding - between the proxy and all who serve it.</p> - </li> - </ol> - - <p><a name="gimme"></a>Junkbusters provides a CGI script that - lets you see your wafers as they appear to servers.</p> - - <p><a name="malfunction"></a>Wafers confuse a few fragile - servers. Hotmail appears to be one of them. If this troubles - you, don't use this option.</p> - - <p><a name="regardless"></a>Any wafers specified are sent to - all sites regardless of the cookiefile. <a name="compliant"> - </a> They are appended after any genuine cookies, to maintain - compliance with RFC 2109 in the event that a path was specified - for a cookie. The RFC's provisions regarding the <code>$</code> - character (such as the <code>Version</code> attribute) are - transparent to the proxy; it simply quotes what was recited by - the browser.</p> - - <p><a name="personalize"></a>If you want to send wafers only to - specific sites, you could try putting them your browser's - cookie file in a format conforming to the Netscape - specification, and then specify in the proxy's cookiefile that - cookies are to be sent to but not accepted from those sites, so - they can't overwrite the file. This may work with Netscape but - not all other browsers.</p> - - <h3><a name="jar"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Why would anyone want to save - their cookies in a ``cookie jar?''</h3> - - <p>We provided this capability just in case anyone wants it. - There are a few possible reasons.</p> - - <ol type="1"> - <li><a name="pay"></a>It's conceivable that marketing - companies might one day buy history files and cookie jars - from consumers in the same way that they currently pay them - to fill out survey forms. With this information they could - gather psychographic information, see which competitors' - sites the consumer has visited, and discover what advertising - is being targeted at them.</li> - - <li><a name="choose"></a>Some consumers might employ - semi-automated means of sorting through their cookie jars, - selecting which ones to place in their cookies file for use - by their browsers. Their decisions could be based on payments - offered, privacy rating systems such as TRUSTe proposes, or - their own opinion of the company. It could be done manually - or with software. There's an Internet Draft on trust - certification of cookies.</li> - - <li><a name="share"></a>Users may even start ``sharing'' - cookies among themselves, sending back cookies that servers - generated for other visitors. Servers that aren't expecting - this possibility will be misled about their visitors' - identities. Cookies could be shared among users on a single - machine, or across continents via FTP and anonymous - remailers. <a name="disinformation"></a>Privacy activists may - promote cookie disinformation campaigns as a way to defend - the public against abuse. If a significant percentage of - people send disinformative cookies, user tracking via cookies - may become less reliable and less used.</li> - </ol> - - <p align="center"><a href="#top_of_page"><img border="0" src= - "top.gif" alt="--- Back to Top of Page ---" width="250" height= - "15"></a></p> - - <h2><a name="anonymity"></a> Anonymity</h2> - - <p>For details on how your identity can be revealed while you - surf, see our page on privacy. Once you start using the - Internet Junkbuster you should find that much of the - information previously indicated on that page will no longer be - provided. If the <code>REMOTE HOST</code> indicating your IP - address is too close for comfort, see our suggestions below on - how to conceal your IP address. We also recommend that you - disable JavaScript and Java.</p> - - <h3><a name="disclose"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> If I use the Internet Junkbuster, - will my anonymity be guaranteed?</h3> - - <p>No. Your chances of remaining anonymous are improved, but - unless you are an expert on Internet security it would be - safest to assume that everything you do on the Web can be - attributed to you personally.</p> - - <p><a name="happen"></a>The Internet Junkbuster removes various - information about you, but it's still possible that web sites - can find out who you are. Here's one way this can happen.</p> - - <p><a name="ftp"></a>A few browsers disclose the user's email - address in certain situations, such as when transferring a file - by FTP. The Internet Junkbuster 2.0.2 does not filter the FTP - stream. If you need this feature, or are concerned about the - mail handler of your browser disclosing your email address, you - might consider products such as NSClean.</p> - - <p><a name="binaries"></a>Browsers downloaded as binaries could - use non-standard headers to give out any information they can - have access to: see the manufacturer's license agreement. It's - impossible to anticipate and prevent every breach of privacy - that might occur. The professionally paranoid prefer browsers - available as source code, because anticipating their behavior - is easier.</p> - - <h3><a name="should"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Why should I trust my ISP or - Junkbusters with my browsing data?</h3> - - <p>You shouldn't have to trust us, and you certainly don't have - to. We do not run the proxy as a service, where we could - observe your online behavior. We provide source code so that - everyone can see that the proxy isn't doing anything - sneaky.</p> - - <p><a name="awful"></a>You are already trusting your ISP not to - look at an awful lot of information on what you do. They - probably post a privacy policy on their site to reassure you. - If they run a proxy for you, using it could actually make it - slightly easier for them to monitor you, but we doubt that any - sane ISP would try this, because if it were discovered - customers would desert them.</p> - - <h3><a name="logging"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Can the proxy be used for logging - who looks at what?</h3> - - <p>We don't want institutions to use this software as an - instrument of surveillance. We have deliberately not provided - options to add timestamps or records of which IP addresses - accessed which URLs. However, because we publish source code - anyone can modify it to do such things, and there is no way a - remote user can find out if this is happening. Again, you need - to be able to trust the entity providing your proxy service, - but you were probably in that position even before using a - proxy.</p> - - <h3><a name="header"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> What private information from - server-bound headers is removed?</h3> - - <p>The Internet Junkbuster pounces on the following HTTP - headers in requests to servers, unless instructed otherwise in - the options.</p> - - <ol type="1"> - <li><a name="from"></a>The <code>FROM</code> header, which a - few browsers use to tell your email address to servers, is - dropped unless the <a href="ijbman.html#from">from</a> option - is set.</li> - - <li><a name="agent"></a>The <code>USER_AGENT</code> <a name= - "infer"></a>header is changed to indicate that the browser is - currently Mozilla (Netscape) 3.01 Gold with an unremarkable - Macintosh configuration. Misidentification helps resist - certain attacks. If your browser and hardware happen to be - accurately identified, you might want to change the default. - (Earlier versions of the Internet Junkbuster indicated - different details; by altering them periodically we aim to - hinder anyone trying to infer whether our proxy is present.) - <a name="lying"></a>If you don't like the idea of incorrectly - identifying your computer as a Mac, set it accordingly. - <!-- Aside: or read Kundera's Unbearable Lightness of Being, 5:5, ``It is a tragicomic fact..'' (p187?) --></li> - - <li><a name="referer"></a>The <code>REFERER</code> header - (which indicates where the URL currently being requested was - found) is dropped. A single static referer to replace all - real referers may be specified using the <a href= - "ijbman.html#referer">referer</a> option. Where no referer is - provided by the browser, none is added; the <a href= - "ijbman.html#add-header">add-header</a> option with arguments - such as <code>-x 'Referer: http://me.me.me'</code> can be - used to send a bogus referer with every request.</li> - </ol> - - <p>In Version 1.4 and later you can use the <a href= - "ijbman.html#o_r">-r @</a> option to selectively disclose - <code>REFERER</code> and <code>USER_AGENT</code> to only those - sites you nominate.</p> - - <p><a name="UA"></a>Some browsers send Referer and User-Agent - information under different non-standard headers. The Internet - Junkbuster 2.0.2 stops <code>UA</code> headers, but others may - get through. This information is also available via JavaScript, - so disable it. <a name="indexers"></a>Some search engines - encode the query you typed in the URL that goes to advertisers - to target a banner ad at you, so you will need to block the ad - as well as the referer header, unless you want them (and anyone - they might buy data from) to know everything you ever search - for.</p> - - <p><a name="JavaScript"></a>If you have JavaScript enabled (the - default on most browsers) servers can use it to obtain Referer - and User Agent, as well as your plug-ins. We recommend - disabling JavaScript and Java.</p> - - <p><a name="response"></a>Currently no HTTP response headers - (browser bound) are removed, not even the <code> - Forwarded:</code> or <code>X-Forwarded-For:</code> headers. Nor - are any added, <a href="ijbman.html#o_y">unless requested.</a> - We are considering a more flexible header management system for - a future version.</p> - - <h3><a name="breakage"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Might some things break because - header information is changed?</h3> - - <p>Possibly. If used with a browser less advanced than Netscape - 3.0 or IE-3, indicating an advanced browser may encourage pages - containing extensions that confuse your browser. If this - becomes a problem upgrade your browser or use the <a href= - "ijbman.html#user-agent">user-agent</a> option to indicate an - older browser. In Version 1.4 and later you can selectively - reveal your real browser to only those sites you nominate.</p> - - <p><a name="Russian"></a>Because different browsers use - different encodings of Russian and Czech characters, certain - web servers convert pages on-the-fly according to the User - Agent header. Giving a User Agent with the wrong operating - system or browser manufacturer causes some sites in these - languages to be garbled; Surfers to Eastern European sites - should <a href="ijbman.html#o_r">change it</a> to something - closer.</p> - - <p><a name="counters"></a>Some page access counters work by - looking at the referer; they may fail or break when - deprived.</p> - - <p><a name="wired"></a>Some sites depend on getting a referer - header, such as <code>uclick.com</code>, which serves comic - strips for many newspaper sites, including <cite> - Doonsbury</cite> for the <cite>Washington Post.</cite> (If you - click on that last link, you can then get to a page containing - the strip via the same URL we've linked to under <cite> - Doonsbury</cite>, but if you click on the <cite> - Doonsbury</cite> link directly, it gives you an error message - suggesting that you use a browser that supports referers.) In - Version 1.4 and later you can use the <a href= - "ijbman.html#o_r">-r @</a> option and place a line like <code> - >uclick.com</code> in your cookiefile. Wired News used to - use referer to decide whether to add a navigation column to the - page, but they have changed that.</p> - - <p><a name="Intellicast"></a>The weather maps of Intellicast - have been blocked by their server when no referer or cookie is - provided. You can use the same countermeasure with a line such - as <code>>208.194.150.32</code> (or simply get your weather - information elsewhere).</p> - - <p><a name="decide"></a>Some software vendors, including - Download.com and Intuit use <code>USER_AGENT</code> to decide - which versions of their products to display to you. With the - default you get Mac versions.</p> - - <p><a name="resort"></a>As a last resort if a site you need - doesn't seem to be working, the proxy configuration of many - browsers allow you to specify <b class="eg">No Proxy For</b> - any hostname you want.</p> - - <p><a name="What"></a>We had reports that on some versions of - Netscape the What's New feature did not work with the proxy, - but we think we fixed this in Version 2.0.1.</p> - - <h3><a name="misidentify"></a><img border="0" src="fb.gif" alt= - "*" width="14" height="14"> How is misidentifying my - browser good for security and privacy?</h3> - - <p>Almost every major release of both leading browsers has - contained bugs that allow malicious servers to compromise your - privacy and security. Known bugs are quickly fixed, but - millions of copies of the affected software remain out there, - and yours is probably one of them. The header that normally - identifies your browser tells such servers exactly which - attacks to use against you. By misidentifying your browser you - reduce the likelihood that they will be able to mount a - successful attack.</p> - - <h3><a name="conceal"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Does the Internet Junkbuster - conceal my IP address?</h3> - - <p>Web sites get the IP address of any proxy or browser they - serve pages to. If you run the proxy on your own computer the - IP address disclosed is the same as your browser would, unless - you use the <a href="ijbman.html#forwardfile">forwardfile</a> - option is used to chain to another proxy, in which case servers - only get the last IP address in the chain. Chaining slightly - slows browsing of course, but it improves anonymity.</p> - - <h3><a name="ident"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Does the Internet Junkbuster - thwart identification by identd?</h3> - - <p>We think so, provided you are not the user running the - proxy. If your computer (or your ISP's) is running the <code> - identd</code> demon, servers can ask it for the identity of the - user making the request at time you request a page from them. - But if you're going through a proxy, they will identify the - user name associated with the proxy, not you. A visit to - http://ident.junkbusters.com lets you see what's happening. - This test is (quite rightly) blocked by many firewalls; just - interrupt the transfer if you get an abnormal wait after - clicking. Running other applications may also expose you via - <code>identd</code>; the proxy of course doesn't help then.</p> - - <h3><a name="detect"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Can web sites tell that I'm using - the Internet Junkbuster?</h3> - - <p>With the default options the proxy doesn't announce itself. - Obvious indications such as Keep-Alive headers are <a href= - "ijbman.html#o_x">deleted,</a> but sites might notice that you - can cancel cookies faster than any human could possibly click - on a mouse. (If you want to provide a plausible explanation for - this, change the User Agent header to a cookie-free or - cookie-crunching browser).</p> - - <p><a name="figure"></a>But when certain options are used they - could figure out something's going on, even if they're not - pushing cookies. If you use blocking they can tell from their - logs that the graphics in their pages are not being requested - selectively. The <a href="ijbman.html#add-forwarded-header"> - add-forwarded-header</a> option explicitly announces to the - server that a proxy is present, and sending them wafers is of - course a dead giveaway.</p> - - <p align="center"><a href="#top_of_page"><img border="0" src= - "top.gif" alt="--- Back to Top of Page ---" width="250" height= - "15"></a></p> - - <h2><a name="security"></a> Security</h2> - - <h3><a name="encrypt"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> What happens with Secure - Documents (SSL, https:)?</h3> - - <p>If you enter a ``Secure Document Area,'' cookies and other - header information such as User Agent and Referer are sent - encrypted, so they cannot be filtered. We recommend getting - your browser to alert you when this happens. (On Netscape: <b - class="eg">Options</b>; <b class="eg">Security</b>; <b class= - "eg">General</b>; <b class="eg">Show an alert before entering a - secure document space</b>.) We also recommend adding the line - <code>:443</code> to the blockfile to stop all but sites - specified in an exception after that line from using SSL.</p> - - <p><a name="passage"></a>It may be possible to filter encrypted - cookies by combining the blocking proxy with a cryptographic - proxy along the lines of SafePassage, but we have not tried - this.</p> - - <h3><a name="ssl"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Will using this as my Security - Proxy compromise security?</h3> - - <p>We're not security experts, but we don't think so. The whole - point of SSL is that the contents of messages are - <!-- IEM: http://addy.com/dc/html/what_is_ssl_.html --> - encrypted by the time they leave the browser and the server. - Eavesdroppers (including proxies) can see where your messages - are going whether you are running a proxy or not, but they only - get to see the contents after they have been encrypted.</p> - - <h3><a name="restrict"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Can I restrict use of the proxy - to a set of nominated IP addresses?</h3> - - <p>Yes, we added an <a href="ijbman.html#aclfile">access - control</a> file in Version 2.0. But before you use it please - consider why you want to do it. If the reason is security, it - probably means you need a firewall.</p> - - <p><a name="selective"></a>The <a href= - "ijbman.html#listen-address">listen-address</a> option provides - a way of binding the proxy to a single IP address/port. The - right way to do this is to choose a port inside your firewall, - and deny access to it to those outside the firewall. The - Internet Junkbuster is not a firewall proxy; it should not be - expected to solve security problems.</p> - - <p><a name="firewall"></a>For background information on - firewalls, see Yahoo or a magazine article or these well-known - books: <cite>Firewalls and Internet Security: Repelling the - Wily Hacker</cite> by William R. Cheswick and Steven M. - Bellovin or <cite>Building Internet Firewalls</cite> by D. - Brent Chapman and Elizabeth D. Zwicky. There's - <!-- IEM: http://www.wmd.de/wmd/staff/pauck/misc/fwtk_on_linux.html --> - free Linux software available, and a large number of commercial - products and services. For an excellent security overview, - primer, and compendium reference, see <cite>Practical Unix and - Internet Security</cite> by Simson Garfinkel and Gene - Spafford.</p> - - <h3><a name="others"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Are there any security risks for - ISPs or others who offer the proxy?</h3> - - <p>Yes. As with any service offered over the Internet, hackers - can try to misuse it. A well-run ISP will have professionals - who are experienced at assessing and containing these - risks.</p> - - <p><a name="outside"></a>It's possible to set up your machine - so that other people can have access to your proxy, but if you - lack expertise in computer security you probably shouldn't have - your computer configured to offer this or any other service to - the outside world.</p> - - <p><a name="attack"></a>Hackers can attempt to gain access to - the machine by various attacks, which we have tried to guard - against but don't guarantee to thwart. They can also use the - ``anonymizing'' quality of proxies to try to cover their tracks - while hacking other computers. For this reason we recommend - preventing it being used as an anonymous <code>telnet</code> by - putting the pattern <code>:23</code> in the blockfile (it's - included as standard equipment). (Actually the current - implementation incidentally blocks telnet due to the way - headers are handled, but it's best not to rely on this.) If you - wish to block all ports except the default HTTP port 80, you - can put the lines<br> - <code>:</code><br> - <code>~:80</code><br> - at the beginning of the blockfile, but be aware that some - servers run on non-default ports (e.g. 8080). You might also - want to add the line <code>~:443</code> to allow SSL.</p> - - <p><a name="root"></a>On UNIX ® systems it is neither - necessary nor desirable for the proxy to run as root.</p> - - <p><a name="patched"></a>Versions 2.0.1 and below may be - vulnerable to remote exploitation of a memory buffer bug; for - security reasons all users are encouraged to upgrade.</p> - - <p><a name="holes"></a>If you find any security holes in the - code please tell us, along with any suggestions you may have - for fixing it. However, we do not claim that we will be able to - do so.</p> - - <p><a name="useful"></a>We distribute this code in the hope - that people will find it useful, but we provide no warranty for - it, and we are not responsible for anyone's use or misuse of - it.</p> - - <p><a name="updates"></a>You may also want to check back - periodically for updated versions of the code. We do not - currently maintain a mailing list. To get quick updates, - bookmark our Distribution Information page.</p> - - <p align="center"><a href="#top_of_page"><img border="0" src= - "top.gif" alt="--- Back to Top of Page ---" width="250" height= - "15"></a></p> - - <p class="sans"><a href="http://ijbswa.sourceforge.net/"> - Website</a> <b class="dot">·</b> <a href="ijbman.html"> - Manual</a> <b class="dot">·</b> <b>FAQ</b> <b class= - "dot">·</b> <a href="gpl.html">GPL</a></p> - - <p class="sans"><small><small><a href="gpl.html#text"> - Copyright</a> © 1996-8 <a href= - "http://www.junkbusters.com/">Junkbusters</a> <a href= - "http://www.junkbusters.com/ht/en/legal.html#marks">®</a> - Corporation. <a href="gpl.html#text">Copyright</a> © 2001 - <a href="http://sourceforge.net/projects/ijbswa/">Jon - Foster</a>. Copying and distribution permitted under the <a - href="gpl.html">GNU</a> General Public - License.</small></small></p> - - <p><small><code><a href= - "http://sourceforge.net/projects/ijbswa/"> - http://sourceforge.net/projects/ijbswa/</a></code></small></p> - </body> -</html> - diff --git a/doc/obsolete/ijbman.html b/doc/obsolete/ijbman.html deleted file mode 100644 index 8329e572..00000000 --- a/doc/obsolete/ijbman.html +++ /dev/null @@ -1,708 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> -<!-- $Id: ijbman.html,v 1.2 2001/05/17 22:56:17 jongfoster Exp $ - - See copyright details at end of file - - After changing this file, please run it through "HTML Tidy" - (from http://www.w3.org/People/Raggett/tidy/) - It should have no warnings or errors. ---> - -<html> - <head> - <title>Internet Junkbuster Technical Information</title> - <meta name="description" content= - "The manual page for the Internet Junkbuster, free software to removes banner ads, cookies, and other stuff you don't want from your web browser."> - <meta name="keywords" content= - "stop, junk, busters, junkbusters, junkbuster, mail, email, e-mail, direct, spam, privacy, sharing, names, renting, direct, marketing, database, databases, junk mail, lists, environment, consumer, sending, opt out "> -<style type="text/css"> -<!-- -h2 { text-align: Center; font-family: arial, helvetica, sans-serif } -p.sans { font-family: arial, helvetica, sans-serif } -b.dot { color: #FF0000 } -b.eg { font-family: arial, helvetica, sans-serif } ---> -</style> - </head> - - <body bgcolor="#f8f8f0" link="#000078" alink="#ff0022" vlink= - "#787878"> - <p class="sans"><a href="http://ijbswa.sourceforge.net/"> - Website</a> <b class="dot">·</b> <b>Manual</b> <b class= - "dot">·</b> <a href="ijbfaq.html">FAQ</a> <b class= - "dot">·</b> <a href="gpl.html">GPL</a></p> - - <h1 align="center"><a name="top_of_page"></a>Internet - J<small>UNK<i style="color: #FF0000">BUSTER</i></small> - Technical Information</h1> - - <p align="center" class="sans"><a href="#description"> - Options</a> <b class="dot">·</b> <a href="#show"> - Checking Options</a> <b class="dot">·</b> <a href= - "#install">Installation</a> <b class="dot">·</b> <a - href="#copyright">Copyright</a> <b class="dot">·</b> <a - href="ijbfaq.html#top_of_page">(FAQ)</a></p> - - <h1>This document is out of date</h1> - - <p><b>Development of JunkBuster is ongoing and this document is - no longer current. However, it may provide some assistance. If - you have problems, please use the <a href= - "http://groups.yahoo.com/group/junkbuster-users/">Yahoo Groups - mailing list</a> (which includes an archive of mail), the - SourceForge.net <a href= - "http://sourceforge.net/projects/ijbswa/">project page</a>, or - see the project's <a href="http://ijbswa.sourceforge.net/">home - page</a>. Please also bear in mind that versions 2.9.x of - JunkBuster are development releases, and are not production - quality.</b></p> - - <h2><a name="man"></a>Manual Page</h2> - - <p>A copy of this page in standard <code>man</code> macro - format is included in the <a href="ijbfaq.html#tar">tar - archive</a>.</p> - - <h3><a name="name"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Name</h3> - - <p><b><code>junkbuster</code></b> - The Internet Junkbuster - Proxy <a href= - "http://www.junkbusters.com/ht/en/legal.html#marks"><small> - <sup>TM</sup></small></a></p> - - <h3><a name="synopsis"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Synopsis</h3> - - <p><code><b>junkbuster</b></code> <i>configfile</i> (Unix)<br> - <b><code>junkbstr.exe</code></b> [<i>configfile</i>] - (Windows)</p> - - <h3><a name="description"></a><img border="0" src="fb.gif" alt= - "*" width="14" height="14"> Description</h3> - - <p><b><code>junkbuster</code></b> is an instrumentable proxy - that filters the HTTP stream between web servers and browsers. - Its main purposes are to block adverts and enhance privacy.</p> - - <p><a name="dual"></a>It is configured using a configuration - file and several files listing URL patterns. The - configuration file must be specified on the command line. - The Windows version will default to using the configuration - file <code>junkbstr.ini</code> if it exists and no argument was - given.</p> - - <p><a name="reread"></a>All files except the main configuration - file are checked for changes before each page is fetched, so - they may edited without restarting the proxy.</p> - - <h4>Options</h4> - - <dl> - <dt><i><a name="o_b"></a></i><a name= - "blockfile"></a><code>blockfile</code> <i> - blockfile</i></dt> - - <dd> - <p><a href="ijbfaq.html#blocking">Block</a> requests to - URLs matching any pattern given in the lines of the <i> - blockfile</i>. The <b><code>junkbuster</code></b> instead - returns status 202, indicating that the request has been - accepted (though not completed), and a <a href= - "ijbfaq.html#show">message identifying itself</a> (though - the browser may display only a broken image icon). - The syntax of a pattern is <code> - [domain][:port][/path]</code> (the <code>http://</code> or - <code>https://</code> protocol part is omitted). To decide - if a pattern matches a target, the domains are compared - first, then the paths.</p> - - <p><a name="compare"></a>To compare the domains, the - pattern domain and the target domain specified in the URL - are each broken into their components. (Components are - separated by the <code>.</code> (period) character.) Next - each of the target components is compared with the - corresponding pattern component: last with last, - next-to-last with next-to-last, and so on. (This is called - <i><dfn>right-anchored</dfn></i> matching.) If all of the - pattern components find their match in the target, then the - domains are considered a match. Case is irrelevant when - comparing domain components.</p> - - <p><a name="substring"></a>A successfully matching pattern - can be an anchored substring of a target, but not vice - versa. Thus if a pattern doesn't specify a domain, it - matches all domains. <a name="wildcard"></a>Furthermore, - when comparing two components, the components must either - match in their entirety or up to a wildcard <code>*</code> - (star character) in the pattern. The wildcard feature - implements only a "prefix" match capability ("abc*" vs. - "abcdefg"), not suffix matching ("*efg" vs. "abcdefg") or - infix matching ("abc*efg" vs. "abcdefg"). The feature is - restricted to the domain component; it is unrelated to the - optional regular expression feature in the path <a href= - "#regex">(described below).</a></p> - - <p><a name="numeric"></a>If a numeric port is specified in - the pattern domain, then the target port must match as - well. The default port in a target is port 80.</p> - - <p><a name="onward"></a>If the domain and port match, then - the target URL path is checked for a match against the path - in the pattern. Paths are compared with a simple - case-sensitive left-anchored substring comparison. Once - again, the pattern can be an anchored substring of the - target, but not vice versa. A path of <code>/</code> - (slash) would match all paths. Wildcards are not considered - in path comparisons.</p> - - <p><a name="example"></a>For example, the target URL<br> - <code> - the.yellow-brick-road.com/TinMan/has_no_brain</code><br> - would be matched (and blocked) by the following - patterns<br> - <code>yellow-brick-road.com</code><br> - and<br> - <code>Yellow*.COM</code><br> - and<br> - <code>/TinM</code><br> - but not<br> - <code> - follow.the.yellow-brick-road.com</code><br> - or<br> - <code>/tinman</code><br> - </p> - - <p><a name="comments"></a>Comments in a blockfile start - with a <code>#</code> (hash) character and end at a new - line. Blank lines are also ignored.</p> - - <p><a name="except"></a>Lines beginning with a <code> - ~</code> (tilde) character are taken to be <a href= - "ijbfaq.html#exceptions">exceptions:</a> a URL blocked by - previous patterns that matches the rest of the line is let - through. (The last match wins.)</p> - - <p><a name="regex"></a>Patterns may contain POSIX <a href= - "ijbfaq.html#regex">regular expressions</a> provided the - <b><code>junkbuster</code></b> was compiled with this - option (the default in Version 2.0 on). The idiom <code> - /*.*/ad</code> can then be used to match any URL containing - <code>/ad</code> (such as <code> - http://nomatterwhere.com/images/advert/g3487.gif</code> for - example). These expressions <a href="#substring">don't - work</a> in the domain part.</p> - - <p><a name="rereads"></a>In version 1.3 and later the - blockfile and cookiefile are checked for changes before - each request.</p> - </dd> - - <dt><i><a name="o_w"></a></i><a name= - "wafer"></a><code>wafer</code> <i> - NAME=VALUE</i></dt> - - <dd> - <p>Specifies a pair to be sent as a cookie with every - request <a href="ijbfaq.html#wafers">to the server.</a> - (Such boring cookies are called <i>wafers</i>.) This option - may be called more than once to generate multiple wafers. - The original Netscape specification prohibited semi-colons, - commas and white space; these characters will be - URL-encoded if used in wafers. - <!-- Aside: genuine cookies are not encoded --> - <!-- Aside: we could use quoted string as specified in the new RFC --> - The Path and Domain attributes are not currently - supported.</p> - </dd> - - <dt><i><a name="o_c"></a></i><a name= - "cookiefile"></a><code>cookiefile</code> <i> - cookiefile</i></dt> - - <dd> - <p>Enforce the cookie management policy specified in the - <i>cookiefile.</i> <a name="java"></a>If this option is not - used all cookies are silently crunched, so that users who - never want cookies aren't bothered by browsers asking - whether each cookie should be accepted. However, cookies - can <a href="ijbfaq.html#breakthrough">still get - through</a> via <a href= - "http://www.junkbusters.com/ht/en/links.html#javascript"> - JavaScript</a> and SSL, so alerts should be left on.</p> - - <p><a name="dropping"></a>In Version 1.2 and later this - option must be followed by a <a href="ijbfaq.html#crumble"> - filename</a> containing instructions on which sites are - allowed to receive and set cookies. <a name="drop"></a>By - default cookies are dropped in both the browser's request - and the server's response, unless the URL requested matches - an entry in the <i>cookiefile</i>. The matching algorithm - is the same as for the blockfile. A leading <code> - ></code> character allows <a href= - "ijbfaq.html#directional">server-bound</a> cookies only; a - <code><</code> allows only browser-bound cookies; a - <code>~</code> character stops cookies in <a href= - "ijbfaq.html#crumble">both directions.</a> Thus a - cookiefile containing a single line with the two characters - <code>>*</code> will pass on all cookies to servers but - not give any new ones to the browser.</p> - </dd> - - <dt><i><a name="o_j"></a></i><a name= - "jarfile"></a><code>jarfile</code> <i> - jarfile</i></dt> - - <dd> - <p>All Set-cookie attempts by the server are <a href= - "ijbfaq.html#jar">logged</a> to <i>jarfile</i>. If no wafer - is specified, one containing a <a href= - "ijbfaq.html#notice">canned notice</a> (the <i>vanilla - wafer</i>) is added as an alert to the server unless the <a - href="#suppress-vanilla-wafer">suppress-vanilla-wafer</a> - option is invoked.</p> - </dd> - - <dt><i><a name="o_v"></a></i><a name= - "suppress-vanilla-wafer"></a><code>suppress-vanilla-wafer</code></dt> - - <dd> - <p>Suppress the vanilla wafer.</p> - </dd> - - <dt><i><a name="o_t"></a></i><a name= - "from"></a><code>from</code> <i>from</i></dt> - - <dd> - <p>If the browser <a href="ijbfaq.html#from">discloses an - email address</a> in the <code>FROM</code> header (most - don't), replace it with <i>from.</i> If <i>from</i> is set - to <b>.</b> (the period character) the <code>FROM</code> is - passed to the server unchanged. The default is to delete - the <code>FROM</code> header.</p> - </dd> - - <dt><i><a name="o_r"></a></i><a name= - "referer"></a><code>referer</code> <i> - referer</i></dt> - - <dd> - <p>Whenever the browser discloses the URL that <a href= - "ijbfaq.html#referer">led to</a> the current request, - replace it with <i>referer.</i> If <i>referer</i> is set to - <b>.</b> (period) the URL is passed to the server - unchanged. If referer is set to <b>@</b> (at) the URL is - sent in cases where the cookiefile specifies that a cookie - would be sent. (No way to send bogus referers selectively - is provided.) The default is to delete Referer.</p> - - <p><a name="referrer"></a>Junkbuster also accepts the - spelling <code>referrer</code>, which most dictionaries - consider correct.</p> - </dd> - - <dt><i><a name="o_u"></a></i><a name= - "user-agent"></a><code>user-agent</code> <i> - user-agent</i></dt> - - <dd> - <p>Information disclosed by the browser <a href= - "ijbfaq.html#agent">about itself</a> is replaced with the - value <i>user-agent.</i> If <i>user-agent</i> is set to <b> - .</b> (period) the <code>User-Agent</code> header is passed - to the server unchanged, along with any <code>UA</code> - headers produced by MS-IE (which would otherwise be - deleted). If <i>user-agent</i> is set to <b>@</b> (at) - these headers are sent unchanged in cases where the - cookiefile specifies that a cookie would be sent, otherwise - only default <code>User-Agent</code> header is sent. That - default is Mozilla/3.0 (Netscape) with an unremarkable <a - href="ijbfaq.html#infer">Macintosh</a> configuration. If - used with a browser less advanced than Mozilla/3.0 or IE-3, - the default may encourage pages containing extensions that - confuse the browser.</p> - </dd> - - <dt><a name="o_h"></a><a name= - "listen-address"></a><code>listen-address</code> - <i>[host][:port]</i></dt> - - <dd> - <p>If <i>host</i> is specified, bind the <b><code> - junkbuster</code></b> to that IP address. If a <i>port</i> - is specified, use it. The default port is 8000; the default - host is <code>localhost</code>.</p> - - <p>This default host setting means that you can only - connect to the proxy from ther local computer. This is a - security measure - if you allow anyone to use the proxy, - then hackers or fraudsters could use it to help hide their - identity. It also provides a lot of protection against any - undiscovered security flaws in JunkBuster - if they can't - connect to it, then they can't attack it.</p> - - <p>If you change this value, we recommend you <i>either</i> - set the host to <code>localhost</code>:<br> - <code>listen-address - localhost:8080</code><br> - <i>or</i>, if you want to share a single internet - connection over your internal network, then set it to the - address of your internal ethernet card:<br> - <code>listen-address - 10.1.1.1:8080</code><br> - (replace 10.1.1.1 with your internal IP address), <i> - or</i> set up an <i><a href="#aclfile">aclfile</a></i>. To - make the proxy accessible from everywhere (e.g. if you're - using an access control list or if you just don't care - about security), specify just the port number - e.g:<br> - <code>listen-address :8000</code><br> - (This binds the proxy to <b>all</b> IP addresses - (<code>INADDR_ANY</code>)).</p> - </dd> - - <dt><i><a name="o_f"></a></i><a name= - "forwardfile"></a><code>forwardfile</code> <i> - forwardfile</i></dt> - - <dd> - <p>Junkbuster has a flexible syntax for forwarding HTTP - requests. This is used e.g. if you are behind a firewall - and need to connect through it, or if you want to use a - cacheing proxy to speed up your web browsing.</p> - - <p>Every line in the forwardfile consists of four - components, seperated by whitespace. These are:<br> - <br> - <code><i>target forward_to via_gateway_type - gateway</i></code></p> - - <p><i>target</i> is a pattern used to select which line of - the forwardfile is used. "<code>*</code>" is the most - commonly used value, and matches every URL. As usual, the - last matching <i>target</i> wins. (If no pattern matches, a - direct connection will be used)</p> - - <p><i>forward_to</i> specifies the HTTP proxy server to - use, or "<code>.</code>" for none. This is used to connect - to a cacheing proxy such as Squid, and for most types of - firewall. The port number defaults to 8000 if it is not - specified.</p> - - <p>Here is a typical line.</p> -<pre> -* lpwa.com:8000 . . -</pre> - - <p>The target domain need not be a fully qualified - hostname; it can be a general domain such as <code> - com</code> or <code>co.uk</code> or even just a port - number. <a name="nose"></a>For example, because <a href= - "http://lpwa.com">LPWA</a> does not handle <a href= - "ijbfaq.html#encrypt">SSL</a>, the line above will - typically be followed by a line such as</p> -<pre> -:443 . . . -</pre> - - <p>to allow SSL transactions to proceed directly. The - cautious would also add an entry in their blockfile to stop - transactions to port 443 for all but specified trusted - sites.</p> - - <p><a name="loop"></a>Configure with care: no loop - detection is performed. When setting up chains of proxies - that might loop back, try adding <a href="#squid"> - Squid.</a></p> - - <p><i>via_gateway_type</i> and <i>gateway</i> are used to - support SOCKS proxies. Some firewalls provide this type of - proxy. If you do not not want to use a SOCKS proxy, specify - both of these fields as "<code>.</code>".</p> - - <p><a name="configure"></a><a name="identify"></a>Note that - JunkBuster is a SOCKS <b>client</b>, <b>not</b> a SOCKS <b> - server</b>. The user's browser should <b>not</b> be <a - href="ijbfaq.html#socks">configured</a> to use <code> - SOCKS</code>; the proxy conducts the negotiations, not the - browser.</p> - - <p>The <code>SOCKS4</code> protocol may be specified by - setting <i>via_gateway_type</i> to <code>socks</code> or - <code>socks4</code>. The <code>SOCKS4A</code> protocol is - specified as <code>socks4a</code>. The <code>SOCKS5</code> - protocol is not currently supported.</p> - - <p><i>gateway</i> should be the host and port of the SOCKS - server. If you just specify a hostname, then the port - number defaults to 1080.</p> - - <p>The user identification capabilities of <code> - SOCKS4</code> are deliberately not used; the user is always - identified to the <code>SOCKS</code> server as <code> - userid=anonymous</code>. If the server's policy is to - reject requests from <code>anonymous</code>, the proxy will - not work. Use a <a href="#o_d">debug</a> value of 3 to see - the status returned by the server.</p> - - <p>If you specify both a HTTP proxy (with <i> - forward_to</i>) and a SOCKS proxy (with <i>gateway</i>) - then the SOCKS proxy is used to connect to the HTTP proxy. - If you just specify a SOCKS proxy, it is used to connect - directly to the websites.</p> - </dd> - - <dt><i><a name="o_d"></a></i><a name= - "debug"></a><code>debug</code> <i>N</i></dt> - - <dd> - <p>Set debug mode. The most common value is 1, to <a href= - "ijbfaq.html#pinpoint">pinpoint</a> offensive URLs, so they - can be added to the blockfile. The value of <b>N</b> is a - bitwise logical-OR of the following values:<br> - 1 = URLs (show each URL requested by the browser);<br> - 2 = Connections (show each connection to or from the - proxy);<br> - 4 = I/O (log I/O errors);<br> - 8 = Headers (as each header is scanned, show the header - and what is done to it);<br> - 16 = Log everything (including debugging traces and the - contents of the pages).<br> - 32 = Record accesses in Common Log Format, as used by most - web and proxy servers.</p> - - <p><a name="or"></a>Multiple <code>debug</code> lines are - permitted; they are logical OR-ed together.</p> - - <p><a name="single"></a>Because most browsers send several - requests in parallel the debugging output may appear - intermingled, so the <a href="#single-threaded"> - single-threaded</a> option is recommended when using <a - href="#debug">debug</a> with <b>N</b> greater than 1. - <!-- Aside: Yes, it's clumsy, but it's easy to parse. --></p> - </dd> - - <dt><i><a name="o_y"></a></i><a name= - "add-forwarded-header"></a><code>add-forwarded-header</code></dt> - - <dd> - <p>Add <code>X-Forwarded-For</code> headers to the - server-bound HTTP stream indicating the client IP address - <a href="ijbfaq.html#detect">to the server,</a> in the new - style of <a href="#squid">Squid 1.1.4.</a> If you want the - traditional <code>HTTP_FORWARDED</code> response header, - add it manually with the <a href="#o_x">-x</a> option. This - also allows other <code>X-Forwarded-For</code> headers to - be transmitted - usually they are discarded.</p> - </dd> - - <dt><i><a name="o_x"></a></i><a name= - "add-header"></a><code>add-header</code> <i> - HeaderText</i></dt> - - <dd> - <p>Add the <i>HeaderText</i> verbatim to requests to the - server. Typical uses include adding old-style forwarding - notices such as <code>Forwarded: by - http://pro-privacy-isp.net</code> and reinstating the - <code>Proxy-Connection: Keep-Alive</code> header (which the - <b><code>junkbuster</code></b> deletes so as <a href= - "ijbfaq.html#detect">not</a> to reveal its existence). No - checking is done for correctness or plausibility, so it can - be used to throw any old trash into the server-bound HTTP - stream. Please don't litter. - <!-- Aside: this represents "more than enough rope" --></p> - </dd> - - <dt><i><a name="o_s"></a></i><a name= - "single-threaded"></a><code>single-threaded</code></dt> - - <dd> - <p>Doesn't <code>fork()</code> a separate process (or - create a separate thread) to handle each connection. Useful - when debugging to keep the process single threaded.</p> - </dd> - - <dt><i><a name="o_l"></a></i><a name= - "logfile"></a><code>logfile</code> <i> - logfile</i></dt> - - <dd> - <p>Write all debugging data into <i>logfile.</i> The - default <i>logfile</i> is the standard output.</p> - </dd> - - <dt><br> - <a name="aclfile"></a><code>aclfile</code> <i> - aclfile</i></dt> - - <dd> - <p>Unless this option is used, the proxy talks to anyone - who can connect to it, and everyone who can has equal - permissions on where they can go. An access file allows - restrictions to be placed on these two policies, by - distinguishing some <i><dfn>source</dfn></i> IP addresses - and/or some <i><dfn>destination</dfn></i> addresses. (If a - <a href="#forwardfile">forwarder or a gateway</a> is being - used, its address is considered the destination address, - not the ultimate IP address of the URL requested.)</p> - - <p><a name="permit"></a>Each line of the access file begins - with either the word <code>permit</code> or <code> - deny</code> followed by source and (optionally) destination - addresses to be matched against those of the HTTP request. - The last matching line specifies the result: if it was a - <code>deny</code> line or if no line matched, the request - will be refused.</p> - - <p><a name="various"></a>A source or destination can be - specified as a single numeric IP address, or with a - hostname, provided that the host's name can be resolved to - a numeric address: this cannot be used to block all <code> - .mil</code> domains for example, because there is no single - address associated with that domain name. Either form may - be followed by a slash and an integer <code>N</code>, - specifying a subnet mask of <code>N</code> bits. For - example, <code>permit 207.153.200.72/24</code> matches the - entire Class-C subnet from 207.153.200.0 through - 207.153.200.255. (A netmask of 255.255.255.0 corresponds to - 24 bits of ones in the netmask, as with <code> - *_MASKLEN=24</code>.) A value of 16 would be used for a - Class-B subnet. A value of zero for <code>N</code> in the - subnet mask length will cause any address to match; this - can be used to express a default rule. For more information - see the example file provided with the distribution.</p> - - <p><a name="false"></a>If you like these access controls - you should probably have <a href="ijbfaq.html#firewall"> - firewall</a>; they are not intended to replace one.</p> - </dd> - - <dt><br> - <a name="trustfile"></a><code>trustfile</code> - <i>trustfile</i></dt> - - <dd> - <p>This feature is experimental, has not been fully - documented and is very subject to change. The goal is for - parents to be able to choose a page or site whose links - they regard suitable for their <a href= - "ijbfaq.html#children">young children</a> and for the proxy - to allow access only to sites mentioned there. To do this - the proxy examines the <a href="#o_r">referer</a> variable - on each page request to check they resulted from a click on - the ``trusted referer'' site: if so the referred site is - added to a list of trusted sites, so that the child can - then move around that site. There are several uncertainties - in this scheme that experience may be able to iron out; - check back in the months ahead.</p> - </dd> - - <dt><br> - <a name="trust_info_url"> - </a><code>trust_info_url</code> <i> - trust_info_url</i></dt> - - <dd> - <p>When access is denied due to lack of a trusted referer, - this URL is displayed with a message pointing the user to - it for further information.</p> - </dd> - - <dt><br> - <a name="hide-console"></a><code>hide-console</code></dt> - - <dd> - <p>In the Windows command-line version only, instructs the - program to disconnect from and hide the command console - after starting.</p> - </dd> - </dl> - - <h3><a name="install"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Installation and Use</h3> - - <p>Browsers must be told where to find the <b><code> - junkbuster</code></b> (e.g. <code>localhost</code> port 8000). - To set the HTTP proxy in Netscape 3.0, go through: <b class= - "eg">Options</b>; <b class="eg">Network Preferences</b>; <b - class="eg">Proxies</b>; <b class="eg">Manual Proxy - Configuration</b>; <b class="eg">View</b>. See the <a href= - "ijbfaq.html">FAQ</a> for other browsers. The <a href= - "ijbfaq.html#security">Security Proxy</a> should also be set to - the same values, otherwise <code>shttp:</code> URLs won't - work.</p> - - <p><a name="limitations"></a>Note the limitations explained in - the <a href="ijbfaq.html">FAQ</a>.</p> - - <h3><a name="show"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> Checking Options</h3> - - <p>To allow users to <a href="ijbfaq.html#show">check</a> that - a <b><code>junkbuster</code></b> is running and how it is - configured, it intercepts requests for any URL ending in <code> - /show-proxy-args</code> and blocks it, returning instead - returns information on its version number and current - configuration including the contents of its blockfile. To get - an explicit warning that no <b><code>junkbuster</code></b> - intervened if the proxy was not configured, it's best to point - it to a URL that does this, such as <a href= - "http://internet.junkbuster.com/cgi-bin/show-proxy-args"> - http://internet.junkbuster.com/cgi-bin/show-proxy-args</a> on - Junkbusters's website.</p> - - <h3><a name="also"></a><img border="0" src="fb.gif" alt="*" - width="14" height="14"> See Also</h3> - - <p><a href="ijbfaq.html"> - http://www.junkbusters.com/ht/en/ijbfaq.html</a><br> - <a href="http://www.junkbusters.com/ht/en/cookies.html"> - http://www.junkbusters.com/ht/en/cookies.html</a><br> - <a href= - "http://internet.junkbuster.com/cgi-bin/show-proxy-args"> - http://internet.junkbuster.com/cgi-bin/show-proxy-args</a><br> - <a name="kristol"></a><a href= - "http://www.cis.ohio-state.edu/htbin/rfc/rfc2109.html">http://www.cis.ohio-state.edu/htbin/rfc/rfc2109.html</a><br> - - <a name="squid"></a><a href= - "http://squid.nlanr.net/Squid/">http://squid.nlanr.net/Squid/</a><br> - - <a href="http://www-math.uni-paderborn.de/~axel/"> - http://www-math.uni-paderborn.de/~axel/</a></p> - - <h3><a name="copyright"></a><img border="0" src="fb.gif" alt= - "*" width="14" height="14"> Copyright and GPL</h3> - - <p>Written and copyright by the Anonymous Coders and - Junkbusters Corporation and made available under the <a href= - "gpl.html">GNU General Public License (GPL).</a> This software - comes with <a href="gpl.html#nowarr">NO WARRANTY.</a> Internet - Junkbuster Proxy is a <a href= - "http://www.junkbusters.com/ht/en/legal.html#marks"> - trademark</a> of Junkbusters Corporation.</p> - - <p align="center"><a href="#top_of_page"><img border="0" src= - "top.gif" alt="--- Back to Top of Page ---" width="250" height= - "15"></a></p> - - <p class="sans"><a href="http://ijbswa.sourceforge.net/"> - Website</a> <b class="dot">·</b> <b>Manual</b> <b class= - "dot">·</b> <a href="ijbfaq.html">FAQ</a> <b class= - "dot">·</b> <a href="gpl.html">GPL</a></p> - - <p class="sans"><small><small><a href="gpl.html#text"> - Copyright</a> © 1996-8 <a href= - "http://www.junkbusters.com/">Junkbusters</a> <a href= - "http://www.junkbusters.com/ht/en/legal.html#marks">®</a> - Corporation. <a href="gpl.html#text">Copyright</a> © 2001 - <a href="http://sourceforge.net/projects/ijbswa/">Jon - Foster</a>. Copying and distribution permitted under the <a - href="gpl.html">GNU</a> General Public - License.</small></small></p> - - <p><small><code><a href= - "http://sourceforge.net/projects/ijbswa/"> - http://sourceforge.net/projects/ijbswa/</a></code></small></p> - </body> -</html> - diff --git a/doc/obsolete/top.gif b/doc/obsolete/top.gif deleted file mode 100755 index 8380083d..00000000 Binary files a/doc/obsolete/top.gif and /dev/null differ