Chaining Proxies and Wingates (part 2 IRC Edition) |
Article is yet to be rated |
|
| Author:
| Dutchie99
|
|
| Submitted: |
14-May-2003 17:25:09 |
| Imported From: |
zZine (original author: dutchie99)
|
| I've seen this question asked a fair bit on IRC channels and forums, and I've yet to see anyone give even a semi-useful answer to it. Therefore, I'm hoping to shed some light on the issue.
|
|
As we all know (or should know), anonymous proxies hide your IP address, referer, etc, (although the main purpose of a proxy, is to speed up surfing through caching of WebPages) and also keep logs of where we are coming from, and where we are going. For concealing our details from a website, a single anonymous proxy, perhaps combined with a filtering program is generally more than enough. After all, you were one of millions of users, why would a site admin go out of his/her way to track you down?
Let's say, for the sake of arguing, that someone DOES want to track you down? Perhaps you've done something naughty (gotten root on their server, or some other nefarious deed), or they're simply really curious. They could trace your proxy, and possibly find out who used it.
However, what if you were to use more than one proxy? Although you can never be 100% anonymous you can make it more difficult to be traced while surfing by using a chain of proxies to make the job of tracking you down a lot more difficult (and time-consuming), hopefully dissuading the tracker.
Be aware that the proxy chaining described here only works in the environment specified, i.e.; setting up a chain in Internet Explorer (IE) will not make you anonymous to the casual observer in newsgroups, or to someone examining email headers on email sent from your machine - that's a completely different issue that I won't be covering that specifically here (although I will demonstrate how you can chain Wingate's which can be used to send email through an SMTP server). It will, however, make you virtually anonymous to servers you connect to via IE, such as HTTP, FTP, Gopher, etc.
As the name suggests, proxy chaining is simply adding more machines between yourself and your destination;
[you]----[bleh.com:80]----[example.org:3128]----[mysite.net:8000]----[cyberarmy.com:80]
As a side note, before I tell you how to chain proxies, I highly advise you to use foreign servers (proxies) wherever possible; it makes a tracker's job infinitely more difficult. Even better is if diplomatic relations between the tracker's country and the server admin's country aren't too hot; you'll often find that the admin isn't too swift in producing the logs and to get a court order/subpoena takes ages - unless you've done something seriously bad - hopefully by which time the logs will have been overwritten/deleted... you get the general idea. If you're going to the trouble of chaining, checking the domains won't be too much trouble, a good program to do multiple ns lookups in a batch is called NS-Batch. You can find this program here, (.ru == Russia, .ca == Canada, etc.).
Implementation
I assume you know how to configure your browser to use a proxy, to get it to chain a proxy you use the format:
http://proxy.magusnet.com/-_-http://www.cyberarmy.com
In the address bar, note that the important part is the "-_-" which separates the two urls, if you wanted to add a second proxy to the chain you would simply
http://proxy.magusnet.com/-_-http://anonymizer.com/-_-http://www.cyberarmy.com
Another, and perhaps easier way is to use the following format:
http://proxy.magusnet.com:80/http://free.anonymizer.com:80/http://www.google.com
Here the separator is a simple "/" be sure to include the port number.
Obviously, typing that in every time you surf will become tiresome. To configure IE to use a chain like a normal proxy, open the proxy menu (tools->internet options->connections, highlight the connection you want to configure and click settings and check using a proxy server) and enter your chain in the following format in the address box
bah.co.uk:3128 something.ru:80 somethingelse.au:8080 example.ro
then put in the last proxies port number in the port box, note that the separator here is a simple space.
To chain wingates, simply go to a dos prompt and type:
telnet bleh.au 23
The format for specifying ports here is to use a space, not a colon as with proxies, once you are connected to the wingate you should see:
Wingate>
Simply type in the address in IP or host format followed by the port as you did originally and continue until you have the desired amount of links in the chain the connect to the final host. You should end up seeing something like this:
C:\Windows> telnet bleh.au 23
Wingate>something.ru 23
Wingate>example.ro 23
Wingate>sdf.lonestar.org
Connecting to host sdf.lonestar.org...Connected
sdf.lonestar.org
if new, login new
login:
Be aware, however, that there are disadvantages to proxy chaining. The more proxies you add, the slower your connection will become - a pain if you're on dialup! Also, proxies often die in a matter of weeks (that's if you're lucky, more often than not it's days) and if one goes down, the whole chain fails.
I know I've been IE'centric and I make no apology. IE is by far the most popular browser and those that use other browsers more likely than not have the knowledge to carry over the above guidelines into their browsers.
Written by Pigsbig78
Edited by FrodBonzi
*This article is provided by the Knowledge Bank. Please take a look at: http://knowledge-bank.cauniversity.org/
This article was originally published by CyberArmy.net in the CyberArmy Library.
|
|
You must be logged in to vote on an article
|
About Us | Privacy Policy | Mission Statement | Help
|