Covering some interesting issues
1 How to detect a dedicated server
2 How to detect an SSH tunnel
3 How to detect a virtual machine
4 How to detect real hardware
1) How do they detect dedicated servers?
Ping the RDP port, 3389. Is the port open? Then it is 100% a dedicated server.
From HTTP headers indicating a server OS: the average user is unlikely to be using Windows Server 2008.
A hostname like server.dedikatedhost.com.
2) How do they detect an SSH tunnel?
The same ping on ports 21, 80 and 443.
Tester: https://2ip.ru/privacy/
A hostname like server.dedikatedhost.com.
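The signals from sections 1 and 2, combined the way a site's anti-fraud check might evaluate them (an added example, not code from the original post). The hostname token list, the `os_hint` field (an OS string assumed to be already derived from request headers), the verdict labels and the sample clients are assumptions constructed for illustration.

```python
import re
import socket

# Assumed hosting-style hostname tokens; only the "server.<host>" shape is from the page.
HOSTING_TOKENS = re.compile(r"(^|[.-])(server|srv|vps|dedi\w*|host\w*)\d*([.-]|$)", re.I)
SERVER_OS = re.compile(r"windows server", re.I)
# Constructed probe results keyed by (ip, port); addresses are documentation ranges.
SAMPLE_OPEN = {("203.0.113.10", 3389), ("198.51.100.7", 80), ("198.51.100.7", 443)}

def tcp_port_open(ip, port, timeout=1.0):
    """Return True if a TCP connection to ip:port succeeds within the timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def score_client(ip, rdns, os_hint, probe=tcp_port_open):
    """Collect the page's signals for one client; probe(ip, port) -> bool."""
    signals = []
    if probe(ip, 3389):
        signals.append("rdp-port-open")
    services = [str(p) for p in (21, 80, 443) if probe(ip, p)]
    if services:
        signals.append("service-ports-open:" + ",".join(services))
    if rdns and HOSTING_TOKENS.search(rdns):
        signals.append("hosting-style-hostname")
    if os_hint and SERVER_OS.search(os_hint):
        signals.append("server-os")
    return signals

def verdict(signals):
    """Map signals to an assumed label; the page treats open 3389 as conclusive."""
    if "rdp-port-open" in signals:
        return "dedicated-server"
    if len(signals) >= 2:
        return "likely-tunnel-or-proxy"
    return "review" if signals else "no-signal"

if __name__ == "__main__":
    clients = [  # constructed sample clients: (ip, reverse DNS, OS hint)
        ("203.0.113.10", "server.dedikatedhost.com", "Windows Server 2008"),
        ("198.51.100.7", "vps12.hosting.example", ""),
        ("192.0.2.44", "cpe-44.isp.example", "Windows 10"),
    ]
    for ip, rdns, os_hint in clients:
        found = score_client(ip, rdns, os_hint, probe=lambda i, p: (i, p) in SAMPLE_OPEN)
        print(ip, verdict(found), found)
```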
3) How do they detect a virtual machine?
4) How do they detect machine hardware?
There are public ways and there are private ways. No one will tell you about the private ones. But you can be sure that Firefox and Chrome have special functions; I’ve even found equipment lists in a browser memory dump. Advice: block all requests to all *google* and *mozilla* addresses via Proxifier (new Rule, Hosts *google* and *mozilla*, Block) or a firewall.
Public methods for Chrome:
WebGL video card name. Tester: https://www.browserleaks.com/webgl (see Unmasked Renderer).
WebRTC Media Device Enumeration. Tester: https://www.browserleaks.com/webrtc (see Unique Device IDs). Everyone has learned how to block WebRTC, but a normal machine always has WebRTC enabled, and blocking it is suspicious.
Java applet: like I said, it can do everything, even read process lists.
I’m going to share a pulled out piece of semi-private code. The function names speak for themselves
And that’s all the tip of the iceberg; there are a number of things that no one will say and that even I don’t know.