{"id":318,"date":"2006-08-25T03:40:09","date_gmt":"2006-08-25T03:40:09","guid":{"rendered":"https:\/\/www.darknet.org.uk\/2006\/08\/anonymous-connections-over-the-internet-using-socks-chains-proxy-proxies\/"},"modified":"2015-09-09T19:40:38","modified_gmt":"2015-09-09T11:40:38","slug":"anonymous-connections-over-the-internet-using-socks-chains-proxy-proxies","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2006\/08\/anonymous-connections-over-the-internet-using-socks-chains-proxy-proxies\/","title":{"rendered":"Anonymous Connections Over the Internet &#8211; Using Socks Chains Proxy Proxies"},"content":{"rendered":"<p><strong>Introduction<\/strong><\/p>\n<p>This  tutorial  is an  attempt to  help you  re-route  all  internet  winsock applications in ms windows trough a socks chain, thus making your connections much more anonymous.<\/p>\n<p><strong>Theory<\/strong><\/p>\n<p>The more different hops you make your data jump, the more difficult it will be to trace it back. take this route for example:<\/p>\n<p>    you &#8211;> socks1 &#8211;> socks2 &#8211;> socks3 &#8211;> &#8230; &#8211;> socksx &#8211;> target<\/p>\n<p>People who want to trace you will have to contact x persons to ask their them for their logs. chances are one of them didn&#8217;t log&#8230; and if they logged, the ip seen by each host\/socks is the ip of the previous host\/socks in the chain.<\/p>\n<p>This works for:<\/p>\n<ul>\n<li>icq-like tools<\/li>\n<li>ftp clients<\/li>\n<li>mail clients<\/li>\n<li>telnet clients<\/li>\n<li>\nportscanners<\/li>\n<li>(just about anything that uses the internet)<\/li>\n<\/ul>\n<p>It doesn&#8217;t work on most irc servers since  they often check for open wingates<br \/>\nand proxies.<\/p>\n<p><strong>Now let&#8217;s do it<\/strong><\/p>\n<p><strong>1)<\/strong> First you need to find some boxes running wingate, we look for  wingates since the default installation of wingate includes a non-logging socks  server on port 1080<\/p>\n<p>Visit <a href=\"http:\/\/www.samair.ru\/proxy\/socks.htm\">http:\/\/www.samair.ru\/proxy\/socks.htm<\/a> or <a href=\"http:\/\/www.proxyleecher.com\/socks.php\">http:\/\/www.proxyleecher.com\/socks.php<\/a> for some wide-known wingate ips, or even better: you could try to find some yourself.<\/p>\n<p>To do  this,  i would  suggest  you  use  &#8216;proxy hunter&#8217;,  available for download at <a href=\"http:\/\/www.proxys4all.com\/tools.shtml\">http:\/\/www.proxys4all.com\/tools.shtml<\/a> be sure to look  for wingates (port 23)  and not for socks,  as we only want wingate socks.<\/p>\n<p>You could also use wingatescan, available for download at <a href=\"http:\/\/packetstormsecurity.org\/wingate-scanner\/\">http:\/\/packetstormsecurity.org\/wingate-scanner\/<\/a><\/p>\n<p>Speed is very important  since we will be using  multiple socks, and we don&#8217;t want  our programs  to time out. with  the  klever dipstick  tool, you can find out  which are the fastest  ones. (get the klever  dipstick program at <a href=\"http:\/\/klever.net\/kin\/static\/dipstick.exe\">http:\/\/klever.net\/kin\/static\/dipstick.exe<\/a>)<\/p>\n<p>Just fire off Dipstick.  Rightclick  in  the small green rectangular and choose  Show  main  window. To  import a list of wingates, just click on Advanced, choose Import List and select your file.<\/p>\n<p>You  can also  manually ping a  simple host  by clicking on Manual Ping. Use those wingates with the smallest average time. *duh*<\/p>\n<p><strong>2)<\/strong> Second, check  if   the  wingates  from  the  list  are actually running :)<\/p>\n<p>There are  a lot of  programs that can  help you with this.<\/p>\n<p><strong>3)<\/strong> Third,  install  a  program  that  will  intercept all  outgoing networking calls.<\/p>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<p>I use the  great tool  sockscap for  this purpose.  you can  get it  at  <a href=\"http:\/\/www.socks.permeo.com\/Download\/SocksCapDownload\/index.asp\">http:\/\/www.socks.permeo.com\/Download\/SocksCapDownload\/index.asp<\/a><\/p>\n<p>In the  setting, enter  this  as  socks server  : 127.0.0.1  port  8000. Click  on  &#8216;socks  version  5&#8217;.  click  &#8216;resolve  all  names  remotely&#8217;. Uncheck &#8216;supported authentication&#8217;.<\/p>\n<p>In  the main  window, choose new  and then browse  to create a  shortcut for the internet client you want to give socks support.<\/p>\n<p>Repeat this step for every program you want.<\/p>\n<p><strong>4)<\/strong> Install SocksChain<\/p>\n<p>Download it at <a href=\"http:\/\/www.ufasoft.com\/socks\">http:\/\/www.ufasoft.com\/socks<\/a><\/p>\n<p>In the service  menu, click on new. enter &#8216;Chain&#8217;  as name and &#8216;8000&#8217; as port to accept connections on.<\/p>\n<p>Click on  new and fill  in the ips of  the fastest  wingates you  found, but this time, use port 1080 for this (and not the port 23)<\/p>\n<p>Using the  &#8216;<' and '>&#8216;,  you can add and  remove socks.  be sure to test all socks  one by  one  before  adding  them  all to  the list  in once,  because if  one of  them is  bad, you  chain will not work  and you will     not be able to locate the bad socks in the chain.<\/p>\n<p>If all  of them  seem to  work, you  use the  &#8216;<' key  to add  them  all (mind  speed  problems. 4  or less  is fine.  i think  10 or  13 is  the limit put by tcp\/ip)\n\n<strong>Testing your anonymous setup<\/strong><\/p>\n<p>To check  what socks  your computer  is connecting to, you can use x-ploiters totostat (<a href=\"http:\/\/tucows.mundofree.com\/preview\/7534.html\">http:\/\/tucows.mundofree.com\/preview\/7534.html<\/a>). look for connections  to port 1080,  the remote ip  found there should be the first ip found in your chain in sockschain.<\/p>\n<p>use the shortcut  in sockscap that  points to your  browser, and connect  to  <a href=\"http:\/\/cavency.virtualave.net\/cgi-bin\/env.cgi\">http:\/\/cavency.virtualave.net\/cgi-bin\/env.cgi<\/a> or<br \/>\n<a href=\"http:\/\/www.junkbuster.com\/cgi-bin\/show_http_headers\">http:\/\/www.junkbuster.com\/cgi-bin\/show_http_headers<\/a><\/p>\n<p>Use your shortcut  in sockcap to  start your  telnet  client then  telnet to ukanaix.cc.ukans.edu<\/p>\n<p>In all the above cases, the remote server should show you the ip of the last server in  the  sockschain.  if you  look at  the  sockschain  program while surfing you should see the chain being built up.<\/p>\n<p><strong>Some final remarks<\/strong><\/p>\n<p>Never use  internet explorer to do tricky  stuff as it might reveal your ip. my personal favorite browser is opera 4.0 (http:\/\/www.opera.com\/), Darknet recommends Firefox.<\/p>\n<p><script type=\"text\/javascript\"><!--\ngoogle_ad_client = \"pub-3033787195489589\";\ngoogle_ad_width = 468;\ngoogle_ad_height = 60;\ngoogle_ad_format = \"468x60_as_rimg\";\ngoogle_cpa_choice = \"CAAQj6eVzgEaCIxA5niBniDSKOm293M\";\n\/\/--><\/script><br \/>\n<script type=\"text\/javascript\" src=\"http:\/\/pagead2.googlesyndication.com\/pagead\/show_ads.js\">\n<\/script><\/p>\n<p>To avoid info being sent out, we  could install another proxy  between the sockscap and the sockschainer proxy that would filter out those things. A4proxy is an example of a proxy capable of doing such things or <a href=\"http:\/\/www.spamblocked.com\/proxomitron\/\">Proximitron<\/a> which Darknet uses.<\/p>\n<p>Remember, if you want to do the real stuff, better switch to Linux like <a href=\"http:\/\/www.ubuntu.com\/\">Ubuntu<\/a>.<\/p>\n<p>Written by Zoa_chien &#8211; EFNet &#8211; Updated with current info, lists and URL&#8217;s by Darknet.<\/p>\n<p><a href=\"http:\/\/www.digg.com\/security\/ULTIMATE_Anonymity_With_Proxy_Chains\">Digg This Article<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction This tutorial is an attempt to help you re-route all internet winsock applications in ms windows trough a socks chain, thus making your connections much more anonymous. Theory The more different hops you make your data jump, the more difficult it will be to trace it back. take this route for example: you &#8211;> [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[34,5,17],"tags":[975,37],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/318"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=318"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/318\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=318"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=318"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=318"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}