Hi to anyone reading this who might be able to help.
Is it possible to create a website or I guess write a programme so that (A) the site is hidden from any search engines, ie, if you type in a key word the site does not pop up (B) can not be traced back to any particular computer that is accessing the site and also have the computer somehow erase all history of ever accessing the site and (C) How would say, the police computer crime unit be able to stumble across such a site?

The reason I am asking is that I am writing a feature script and need this kind of info for plot developement. It's a film so I can take a bit of licence. I know it must sound a bit dodgy but if you don't believe me visit my website www.garyeck.com

Basically, I need to know is it possible to create a programme, write a code or whatever so that the above is possible. Excuse my ignorance in all things computer related.

Gary Eck

Hey, it's Hollywood. You can do whatever you want; as long as the F/X are good enough, people will buy it.

Sure, there's several ways to minimize this from happening. If you don't have metatags describing the site, some webcrawlers won't index them. You can also have a robots text file that tells a webcrawler which pages to index and which ones to ignore, or you can have a robots metatag that tells the crawlers to not index or not follow a page. (See http://www.unimelb.edu.au/webcentre/topics/hide.html for more info).

Make sure no other web sites link to your site and it helps if you don't have a URL for people to type. Using the normal IP address for the site won't keep it from being accessed, but it helps to push it down the list.

Web sites behind authentication pages also won't be indexed, last time I checked. So adding a simple login page will prevent a webcrawler from going any further.

If you mean someone who is accessing the site won't retain data after accessing the website, then it depends on how the user's browser is setup. By default, browsers cache a lot of information to speed up surfing. There will be image files and sometimes full blown pages stored on the hard drive, cookies to remember settings, URL histories, etc.

I'm not sure if you can use server-side scripts to prevent a browser from doing any of this caching. I think you can limit it somewhat but not prevent it since it's part of the browser rather than from the server.

However, the user can purge their browsers files (easy or hard depending on the browser) so nothing is retained or he could set it up so the browser simply doesn't cache anything.

I would imagine the easiest way is by following IRC "chat rooms" or hacker meeting areas to see what IP addresses are being passed around. To just stumble across the site by surfing the net would be pretty much impossible.

If I set up a "hidden" site, I would have it on my personal network (rather than being hosted) so it's behind my firewall. I could then limit access to the site to exactly who I wanted and dump everyone else to either a "fake" site or simply blocking them. For example, the fake site filter could take port 80 traffic while the "real" site would only accept connections on port 8081. Or you could devise another type of filter.

I'd also make it encrypted so users would have to use a VPN or other secure connection plus have a login page accessing a database on a separate, encrypted system; the passwords would be some uber-secure scheme (such as multiple letters in upper and lower case, numbers, symbols with a minimum of 12 characters, or perhaps a passphrase).

Honestly, I don't know how the police could find a site without being tipped off. If they did happen upon it, they'd still have to break the encryption and figure out the login.

I may have screwed up on the details because I don't mess around with serious web design, but these ideas should be enough to get you going. I'm sure other members here can correct any errors I have.

__________________
Common Sense v2.0-Striving to make the world a little bit smarter.