
Anonymous Proxy Programs


10 replies to this topic

#1 CelestialAura


Posted 10 January 2012 - 05:56 PM

Looking to implement anonymous proxy on my desktop for the following protocols: tcp, udp, http, ssl, socks5, smtp, pop3, imap, & chat/im protocols/ports, via open source/free software program. Can anyone who may have knowledge of accomplishing this or any known good software that allows those protocols please guide me in the right direction? I know that there's TOR, I2P, etc... but I am having difficulty understanding which would better suit my needs (or if there are any other programs which may be more suitable), as I am getting conflicting info researching on my own.

Any guidance or assistance is appreciated!



#2 server.exe


Posted 10 January 2012 - 06:12 PM

You could use multiple VPN's? :]
Winning is not enough.

#3 Didier Stevens


Posted 11 January 2012 - 05:33 AM

but I am having difficulty understanding which would better suit my needs


What are your needs? What do you want to achieve? Are you looking for anonymity? From whom?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#4 Alexander Caldwell


Posted 11 January 2012 - 07:31 AM

Try Tails, it's an OS dedicated to privacy.

From Tails website (About):

"It is a complete operating-system designed to be used from a CD or a USB stick independently of the computer's original operating system. It is Free Software and based on Debian GNU/Linux."



From Tails website (Homepage):

"Tails short description states that all outgoing connections to the Internet must go through the Tor network."





Here's the link to the tails website:
http://tails.boum.org/contribute/design/Tor_enforcement/

Or you can use <your search engine of choice> to look up the website.

I don't know much about Tails because I have only briefly read a portion of the content explaining it. So I recommend you look into it.

Here's the front page of the website:




"
Tor enforcement
Download Tails 0.10 Latest release: January 4, 2012

Tails short description states that all outgoing connections to the Internet must go through the Tor network.

This is almost true. Let's clarify this a bit.

DNS
HTTP Proxy
Network filter

DNS

Tor does not support UDP so we cannot simply redirect DNS queries to the Tor transparent proxy.

Most DNS leaks are avoided by having the system resolver query a local caching DNS server (namely: pdnsd) that in turn performs its DNS lookups through the Tor network using the DNSPort configured in torrc. pdnsd is configured to listen on the loopback interface only; the single reason for its presence is the improvement of performance brought by its caching feature.

But the Tor DNS resolver lacks support for most types of DNS queries except "A", so pdnsd is configured to query the Tor resolver first, and fall back to ttdnsd if the former fails. ttdnsd forwards incoming UDP DNS requests to an open, recursive TCP DNS resolver (namely: Google's 8.8.8.8) via the Tor SOCKS proxy. Completely replacing the Tor resolver with ttdnsd was considered, but doing so would give too much power to a single third party, that is to the organization or people that run the recursive DNS resolver ttdnsd is configured to use.

There is a concern that any application could attempt to do its own DNS resolution without using the system resolver; UDP datagrams are therefore blocked in order to prevent leaks. Another solution may be to use the Linux network filter to forward outgoing UDP datagrams to the local DNS proxy.

Tails also forbids DNS queries to RFC1918 addresses; those might indeed allow the system to learn the local network's public IP address.

resolvconf is used to configure the system resolver in /etc/resolv.conf; it is also set up to prevent NetworkManager and dhcp-client from modifying this file.

config/chroot local-includes/etc/resolvconf/resolv.conf.d/base
config/chroot local-includes/etc/pdnsd.conf
config/chroot local-includes/etc/tor/torrc
config/chroot local-includes/etc/firewall.conf
config/chroot local-includes/lib/live/config/000-resolv-conf
config/chroot local-hooks/08-remove pdnsd resolvconf hook
config/chroot local-hooks/99-zzz resolvconf
config/chroot local-includes/etc/default/ttdnsd

HTTP Proxy

Polipo provides caching HTTP proxy functionality. It contacts the Tor software via SOCKS5 to make the real connections: config/chroot local-includes/etc/polipo/config.

In case the firewall is buggy or not properly started, proxy settings are used as part of a defence in depth strategy:

The standard http_proxy and HTTP_PROXY environment variables are globally set in config/chroot local-includes/etc/environment to point to Polipo.
The GNOME proxy settings point to Polipo or to the Tor SOCKS proxy, depending on the application type: config/chroot local-includes/usr/share/amnesia/gconf/gnome proxy.xml is imported into GConf at build time.

Network filter

One serious security issue is that we don't know what software will attempt to contact the network and whether their proxy settings are set up to use the Tor SOCKS proxy or polipo HTTP(s) proxy correctly. This is solved by blocking all outbound Internet traffic except Tor and I2P, and explicitly configuring all applications to use either of these.

config/chroot local-includes/etc/firewall.conf for IPv4
config/chroot local-includes/etc/firewall6.conf for IPv6
config/chroot local-includes/etc/NetworkManager/dispatcher.d/00-firewall.sh

The default case is to block all outbound network traffic; let us now document all exceptions and some clarifications to this rule.

Tor user

Tor itself obviously has to connect to the Internet without going through the Tor network. This is achieved by special-casing connections originating from the debian-tor Unix user.

I2P

I2P (Invisible Internet Project) is yet another anonymizing network (load-balanced unspoofable packet switching network) that provides access to eepsites (.i2p tld); eepsites are a bit like Tor hidden services. Some users would like to be able to access eepsites from Tails.

Like the debian-tor user, the i2p user is allowed to connect directly to the Internet. See the design document dedicated to Tails use of I2P for details.

Local Area Network (LAN)

Tails short description talks of sending through Tor outgoing connections to the Internet. Indeed: traffic to the local LAN (RFC1918 addresses) is wide open as well as the loopback traffic obviously.

It is planned to forbid LAN DNS queries at some point to protect against some attacks; this is not implemented yet.

IPv6

Tor does not support IPv6 yet so IPv6 communication is allowed only on the loopback interface.

UDP, ICMP and other non-TCP protocols

Tor only supports TCP. Non-TCP traffic to the Internet, such as UDP datagrams and ICMP packets, is dropped unless it's going through I2P, which supports UDP.
"
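
The outbound filter policy quoted in the post above, written out as a small checker that lists which flows the filter would have to drop. This is an added example, not code from the thread or from the Tails project; the log format, the sample flows and the "amnesia" user name are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges, which the quoted design treats as open LAN traffic.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample flows (not real captures); "amnesia" stands in for an
# ordinary desktop user and is an assumption of this example.
SAMPLE = [
    "user=debian-tor proto=tcp dst=198.51.100.7",
    "user=amnesia proto=tcp dst=127.0.0.1",
    "user=amnesia proto=tcp dst=203.0.113.10",
    "user=amnesia proto=udp dst=8.8.8.8",
    "user=i2p proto=udp dst=198.51.100.9",
    "user=amnesia proto=tcp dst=192.168.1.1",
    "user=amnesia proto=tcp dst=2001:db8::1",
    "user=debian-tor proto=udp dst=198.51.100.7",
]

def parse_flow(line):
    """Parse 'user=... proto=... dst=...' (constructed log format)."""
    f = dict(tok.split("=", 1) for tok in line.split())
    return f["user"], f["proto"].lower(), ipaddress.ip_address(f["dst"])

def verdict(user, proto, dst):
    """Return (allowed, reason) under the policy as the quoted text states it."""
    if dst.is_loopback:
        return True, "loopback"
    if dst.version == 6:
        return False, "IPv6 is loopback-only"
    if any(dst in net for net in RFC1918):
        return True, "LAN (RFC1918)"
    if user == "debian-tor" and proto == "tcp":
        return True, "Tor daemon"
    if user == "i2p" and proto in ("tcp", "udp"):
        return True, "I2P router"
    if proto != "tcp":
        return False, "non-TCP to the Internet"
    return False, "default: outbound blocked"

def leaks(lines):
    """Return (line, reason) for every flow the filter has to drop."""
    results = ((line, verdict(*parse_flow(line))) for line in lines)
    return [(line, reason) for line, (ok, reason) in results if not ok]

if __name__ == "__main__":
    for line, reason in leaks(SAMPLE):
        print(f"DROP  {line}  ({reason})")
```

Every dropped flow is traffic an application tried to send outside Tor or I2P, which is exactly the case the quoted design relies on the firewall to catch when proxy settings are wrong.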

#5 server.exe


Posted 11 January 2012 - 08:42 AM

If you need proxy lists let me know :], I can get millions of L1+L2+L3
Winning is not enough.

#6 CelestialAura


Posted 11 January 2012 - 09:53 PM

Try Tails, it's an OS dedicated to privacy.

Tails short description states that all outgoing connections to the Internet must go through the Tor network.


One serious security issue is that we don't know what software will attempt to contact the network and whether their proxy settings are set up to use the Tor SOCKS proxy or polipo HTTP(s) proxy correctly. This is solved by blocking all outbound Internet traffic except Tor and I2P, and explicitly configuring all applications to use either of these.


Tor only supports TCP. Non-TCP traffic to the Internet, such as UDP datagrams and ICMP packets, is dropped unless it's going through I2P, which supports UDP.
"


Hmm, that is very interesting. I will definitely look into this. What is my purpose/reason? Victim of domestic violence & I use PC for work & sensitive info. (Self employed, struggling & don't have big $ for more robust solution) Abuser's bro has high security govt. clearance & is a Programmer/Tech, to put it in a very general nutshell. Need to keep as safe, secure & anonymous as possible ~

Thank you for the guidance!

#7 CelestialAura


Posted 11 January 2012 - 09:57 PM

If you need proxy lists let me know :], I can get millions of L1+L2+L3


Thanks for the offer! I could use HMA lists, but am very leery of trusting lists. I know that I would need to use peers via TOR or I2P, but for some reason that seems safer (the way it is implemented) than using proxies off the free list. I had started to use those via HMA, & noticed that I was getting SMURF & SPOOF attacks in router log. So I prefer to try a different solution.

Thank you for your offer ;)

#8 Alexander Caldwell


Posted 11 January 2012 - 11:41 PM

No problem, glad to help.

Alex K

#9 Didier Stevens


Posted 12 January 2012 - 05:01 AM

Then you are best to use a system that is designed to protect your anonymity, like Tor and I2P.

But be careful with Tor.

Tor runs on servers (called nodes) located all over the world. When you use your Tor client on your machine, it will connect randomly to a node with an encrypted connection, transmit your request, this request will be transmitted anonymously and encrypted between several nodes, and finally it will arrive at an exit-node that will direct your request to the server of the site you want to access. The exit-node will not encrypt your request, so if you use HTTP instead of HTTPS, the exit-node will be able to read your request.

Anybody can set up a node, it is easy. It is known that many people have set up an exit-node to steal passwords. When you log on to a website that doesn't use HTTPS, your credentials are transmitted unencrypted, and the exit-node can run a program to sniff the traffic and steal your credentials.

It is also rumored that government intelligence agencies set up Tor exit-nodes to sniff traffic. But I've no evidence that this is true.

So when you use Tor, be sure to use HTTPS and other encrypted protocols as much as possible, so that the exit-node can't sniff your traffic.



#10 CelestialAura


Posted 12 January 2012 - 08:53 AM

Then you are best to use a system that is designed to protect your anonymity, like Tor and I2P.

So when you use Tor, be sure to use HTTPS and other encrypted protocols as much as possible, so that the exit-node can't sniff your traffic.


Thanks for the response. So TOR & I2P can be used together? & It seems that Tails has a nice method of implementing the 2, & blocking/preventing any other connection(s). I like that idea. Also, thanks for heads up re:HTTP & HTTPS.... I already try to use HTTPS as much as possible when browsing & online, already, due to the obvious vulnerability of HTTP... In fact, I just went into Firefox config settings the other day & disabled any/all of the SSL entries below SSL3 & or that didn't use 128, 168 or 256 bit encryption. I did just find out that Calomel (the source where I obtained the info on adjusting the config ssl settings in FF) actually has a FF plugin that grades encryption strength of sites, but I do not use the plugin. Funny (odd) thing is, I just tried to pull up the page from Calomel site where I got the info, & oddly enough, with all the hype they're creating about using the strongest encryption, here is the error/warning message I got when going to their page:

Secure Connection Failed
An error occurred during a connection to calomel.org.
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)
The page you are trying to view can not be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.


I think it's pretty ironic that they offer solution for using strong ssl encryption, & to implement ssl certificates, etc... for webs, but they aren't "practicing what they preach", lol~

I really appreciate the input on this. I think I will give Tails & TOR/I2P a shot, as they obviously seem to jive together, & I2P offers solutions with protocols that I cannot get via TOR, etc...

Cheers!

#11 Didier Stevens


Posted 12 January 2012 - 01:57 PM

So TOR & I2P can be used together?


No, that is not what I intended to write. I don't know if you can use them together. But if you can, I guess the network latency would become significant.





