Network Basics to Know Before Thinking About Anonymity
When thinking about anonymity, starting only with s, , encryption, or browser settings makes it hard to grasp the whole picture.
That is because anonymity is not determined only by "which tool you used." You need to understand where communication passes, what information reaches the other party, what records remain, and what information combines.
The foundation for that is network basics.
This article organizes the relationship between IP addresses, DNS, HTTP/HTTPS, browsers, cookies, and communication logs that you should know before thinking about anonymity.
Anonymity Is Not Determined Only by the Network
Anonymity is not protected simply by hiding the network path.
For example, even if you use a VPN to change how your IP address appears, behavior connects to the account if you are logged in to the same account. Even if you use Tor, if you mix the browser environment or cookies you use under your real name, other clues remain.
On the other hand, thinking about anonymity without understanding networks is also dangerous. IP addresses, DNS, destinations, and communication logs are important foundations for thinking about anonymity.
Perspective
Related items
Caution
Source
IP address, connection, VPN, Tor
Relates to how the source appears
Destination
DNS, URL, server, CDN
Becomes a clue to where you connected
Communication content
HTTP, HTTPS, TLS
Relates to whether content is protected
Identification
s, login state, User-Agent
May link you as the same user
Records
Server logs, DNS logs, communication logs
May become material for later comparison
To think about anonymity, you need to look at these elements separately and then think about their combination at the end.
IP Addresses Become Clues to the Communication Source
An IP address is information used to find the other side of communication on a network.
When you access a website, the IP address visible as the source is normally delivered to the destination website. It is not necessarily a home IP; it may be a VPN, Tor, proxy, NAT, or shared-line IP. An IP address alone does not necessarily reveal a personal name or exact address.
However, when it combines with a carrier, region, organization network, connection time, and similar information, it becomes material for inferring the communication source.
The important point here is that an IP address is part of anonymity, not all of it.
Even if you hide an IP address, if cookies, login state, browser information, post content, writing style, time of day, and similar clues remain, they may connect in another form.
DNS Becomes a Clue to the Destination
DNS is a mechanism that maps domain names to IP addresses.
Humans recognize websites by domain names such as example.com. However, communication requires an IP address. For that reason, browsers and operating systems may use DNS to look up the IP address corresponding to a domain name.
DNS queries handle which domain name was about to be looked up. With ordinary DNS, the query destination may see the domain name, query time, and information about the query source.
However, DNS alone does not reveal page body text or form input contents. What DNS mainly handles is the domain name you tried to connect to.
This difference is important for anonymity. Even if communication content is protected by HTTPS, if DNS queries are visible somewhere else, they may become clues to which domain you tried to connect to.
HTTP and HTTPS Affect Visibility of Communication Content
HTTP is a mechanism for browsers and servers to exchange web page data.
With HTTP alone, communication content is not encrypted. For that reason, there is a risk that a third party on the communication path can read the content or rewrite it in transit.
HTTPS is a mechanism that protects HTTP communication with TLS. With HTTPS, communication content is harder to read in transit, harder to tamper with, and the destination server is easier to verify.
Perspective
HTTP
HTTPS
Communication content
Risk of being read
Harder to read
Tampering
Risk of being changed
Easier to detect
Destination verification
Weak
Easier to verify with certificates
Anonymization
Not provided
Not provided
HTTPS is very important. However, HTTPS is not anonymization technology.
The request reaches the destination website. Also, source IP address, cookies, login state, access logs, and similar issues remain as separate problems.
Browsers Send Many Kinds of Information
When viewing a website, a browser sends requests to the server to display the page.
These requests may include the destination URL, cookies, User-Agent, language settings, and referrer. On pages where JavaScript runs, characteristics of the browser and device, such as screen size, time zone, and supported features, may also be used.
Not all of these are necessarily recorded. However, you need to be aware of them as information that may reach the website side.
Cookies and login state are especially important. Even if you change your IP address, if the same cookies are sent, you may be treated as the same browser. If you are logged in, behavior may connect to the account.
Communication Logs Can Become Material for Later Comparison
Communication on the internet does not necessarily disappear completely on the spot.
Records about communication may remain on web servers, applications, DNS resolvers, carriers, routers, firewalls, and similar places.
Place
Information that may remain
Web server
Access time, IP address, URL, User-Agent, referrer
Application
Login history, operation history, account ID
DNS resolver
Queried domain name, query time
Carrier
Connection time, assigned IP address, communication volume
Router or firewall
Destination, communication volume, allow or block result
Logs are used for failure response and security measures. Logs themselves are not bad.
However, for anonymity, you need to consider the possibility that multiple logs may be compared by time or IP address.
Basic Perspectives for Thinking About Anonymity
When connecting network basics to anonymity, it becomes easier to organize the issue by separating it as follows.
Question
What to look at
Who can see it?
Destination, ISP, DNS resolver, VPN provider, other users on the same network
What is visible?
IP address, domain name, communication volume, time, cookies, login state
What is protected?
Communication content protected by HTTPS, tamper detection, destination verification
What remains?
Server logs, DNS logs, app operation history, information stored in the browser
What does it connect to?
Accounts, past posts, writing style, images, time of day, device information
For anonymity, it is important not to judge from only one piece of information. When IP addresses, DNS, HTTPS, cookies, logs, accounts, and post content combine, they may create a sense that activity comes from the same person.
Summary
Before thinking about anonymity, you need to understand network basics.
An IP address becomes a clue to the communication source. DNS becomes a clue to the domain name you tried to connect to. HTTP and HTTPS relate to protection of communication content. Browsers may send cookies, User-Agent, login state, and similar information. Communication logs may become material for later comparison.
However, anonymity cannot be judged by looking at only one of these.
Anonymity changes through the combination of communication path, destination, browser, account, post content, time, and past information.
The purpose of learning network basics is not memorizing technical terms. It is to become able to separate who can see what, what is protected, and what remains.
Related tools
DNS Leak Test
DNSLeakTest
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.