In this article we will learn about Proxy chaining.
We live in a world where privacy plays an important role in our daily lives. The activities we carry out using the Internet can reveal a lot about a person’s social and professional life. In the wrong hands, this information could lead to various problems. The collected data could be used to hack bank accounts, social media accounts, etc. Because of this, people choose to be anonymous while using the internet using proxies.
A proxy can be explained as a gateway between the user’s computer and the destination website. Normally, when you browse the web, your original IP is identified by the web, which could compromise your privacy.
Using proxy chaining, we bounce through a series of proxy servers and arrive at our destination. When using a proxy server, you are not directly connected to the website. The proxy connects to the site and creates a cached version of the site and sends it to you as a photocopy. When a proxy server visits a website, the page is cached on the proxy server.
The next time you visit the page, the proxy server will load from the cached page. This will speed up the process to some extent. If you check the IP that is connected to the internet, it will be the IP of the ISP. But when using a proxy server and chaining, the IP address of the last used proxy server in the chain will be displayed.
User ———-> Proxy ———–> Webpage
Proxy Chaining is the connection of two or more proxy servers in order to obtain the intended page. We can use as many proxies as we want. Let’s look at the example given below:
User ———–> Proxy1 ———–> Proxy2 ———–> Proxy3 ———–> Proxy4———–> Website
The user connects to proxy1 and from there to other proxies as specified by the user until finally reaching the destination. When the target end looks up the IP, Proxy4’s IP will appear as the user’s IP. When using proxy chaining, we need to make sure that all proxy servers included in the chain are working properly. If any proxy IP address is not working, it means that the connection cannot be established.
Then we have to replace the damaged proxy with a new one or exclude the damaged IP and connect the rest to a new chain. Sometimes it can be a bit difficult to find out which proxy is not working properly if you use too many proxies.
Proxy chaining is also used in the execution of the attack. It is a must if you are trying to gain unauthorized access to any server. Even if you use proxy chaining, you cannot be 100% anonymous. You can be tracked based on each proxy used to establish a connection. It just makes it a lot harder to watch. If you use a foreign proxy, then it will be more difficult to find someone. Tracking was only possible by collecting the logs of the individual used proxies from the administrator. If we use a foreign proxy, it can take a lot of time.
As time passes, it becomes more and more difficult to track the person. Administrators will delete logs after a certain period of time. Once the protocol is gone, it is simply impossible to trace the IP back. So it is recommended to use at least 5 foreign proxies in a chain when hacking. One of the main factors to consider when using proxy chaining is connection speed.
Each server may have a different connection speed and delay depending on its configuration. So during chaining, slow network speed may occur due to delay on each server. The total delay when connecting to a page could be said to be the sum of the individual delays on each server. This gets worse if we use multiple proxies in the chain.
Browser chaining is an easy process. We use a browser for proxy chaining. This will only work for requests made through a browser. Let’s see how this can be done using Internet Explorer. First, open your browser and go to “Internet Options” in the settings menu. A window will appear with several tabs at the top as shown in the image below:
Now, click on the Connections tab from the available tabs and select “LAN settings” button. A small window will pop up after clicking on the LAN settings button as shown below:
Figure 2: LAN Settings window to specify Proxy server details.
Check the box “Use proxy server” in the window and enter the details of the proxy server in the box. If you only need to use one proxy, enter the IP and port number and click OK. To use proxy chaining, click the Advanced button and enter the proxy IP address and port number in the field that appears. Leave a space between each proxy IP address. Now all connections made from the browser are through the specified proxy servers.
There are various software that help us to do proxy chaining. Let us discuss one such software called “Proxifier”.
It is a simple software that helps us to connect to different proxy servers around the world. All we have to do is enter the proxy IP, port number and socket type. There are a few points to keep in mind when using proxy chaining:
- A proxy string can contain different types of proxies, such as SOCKS v4, SOCKS v5, HTTPS, etc.
- If you are using an HTTP proxy, it should be placed last in the chain.
- The whole chain will not work if one proxy fails.
- The total delay will be the sum of all the individual delays in the chain.
This software has a number of features. The connection space, as shown in Figure 3 above, will display all connections made from a particular system. Using this software, one can easily sort the total time, exchanged data, etc. We can save the log as per our need. The connections created can be encrypted as per user requirements and various other options are available in this software.
Click the first icon in the panel titled Proxy Server Configuration. A window will open with the type of black space in the proxy server details. You can use this window to create a series of strings and select them accordingly. The window is shown below:
The order of chain will be as specified in the list as shown in the figure above. We can drag and change the order according to our need. There will be a check box to enable and disable each proxy in the chain. There is also a proxy checker tool integrated to this software, which is a very helpful one. Under “View” in toolbar click on proxy checker to start checking the proxies.
Some of the proxy servers available are disabled by the administrators due to various reasons. So to checking the servers before connecting it to the internet is a good idea. This tool could be used to check the status of the server. All we have to do is to specify the server address and the socket type with IP and click the check button. If it’s a working proxy a message will be shown after the test that it’s ready to use with proxifier.
Tor is a browser that helps us to browse anonymously making use of various proxy server available. In here we cannot specify proxy servers. But the browser itself skips through a few servers which are provided by the TOR network. It helps us to reach blocked destination or view censored contents by the help of the available channels.
I would not recommend TOR for extreme hacking purposes, but normal browsing could be done easily. All we have to do is to install the browser and type in the required page address. TOR’s hidden services help us to publish websites and other services without revealing the original location. Tor is mainly used against a common form of internet surveillance called “traffic analysis”.
This is used to keep an eye on the activities of a public network. TOR cannot completely hide you from attackers. It protects the packets sent from your end by encrypting it and also by passing through various channels to make it hard for other to track. However, with sophisticated tools and efforts they could find information about your identity.
As the number of users in TOR increases, the number of source and destination in the network increases accordingly, increasing the security for everyone in the network. Some NGOs recommend the users to browse from TOR to hide their identity to the outer world. A branch of U S Navy uses TOR for open source intelligence.
They use TOR for visiting websites without leaving government IP to their website log. The path selected by the browsers changes from time to time. There may be various nodes in between the connection. All this connections will be encrypted in the Tor network and the connection from the last node to the destination will be open. So when the website checks its log, only the last node path will be visible, keeping user’s privacy.
ProxyHam brings a whole new level for being anonymous. It’s a proxy device made by Ben Caudill which adds a radio connection to the users layer giving absolute protection. This device connects to Wi-Fi and relays a users internet connection over a 900 MHz radio connection to a faraway computer. ProxyHam has a range of about 2.5 miles (4 km approx).
Even if the investigator fully traces the connection, they will only find the ProxyHam placed 4 km away from your original location. Device mainly consists of two parts. First one consists of Raspberry Pi computer connected to a Wi-Fi card and a small 900 MHz antenna which is to be kept at a far away location from yours. The other end consist of a 900 MHz antenna plugged in to the users Ethernet port.
Proxy website service
There are various proxy websites that offer proxy services. Some of them may have a chain of servers behind and some of them just one or two. These websites are mainly used to access blocked websites or pages. Some of the Youtube videos are blocked in certain countries. These websites help us to view such blocked contents easily. The following is a list of such websites that offer this kind of service:
There are some integrated browser add-ons like anonymox that provide proxy services. They have a small window, which allows us to select from available servers so that we could connect it to the destination. We cannot trust completely an such add-on. They might give a shield from normal scanning but on a thorough analysis the user IP could be easily determined. And also the number of available proxies is limited in such cases. So, this type could only be used for normal browsing purposes. The anonymox window is as shown below:
Figure 7: Anonymox window.
Proxy chaining is a simple but effective way to stay anonymous over the Internet. Not only hackers, but also regular users can use these services to protect their privacy on the Internet. Black hat hackers use several tools and software to switch between proxy servers around the world, making them difficult to track. You won’t gain much security by using a regular browser and add-ons, but they can be used to some extent for everyday browsing purposes. We can also consider the speed of the Internet when using such proxy servers. If it is a popular website that the server has already cached, the response time will be remarkable. These web pages are loaded from a cache database.
When accessing a new web page, it takes a while to load due to the delay of the intermediate servers. Now that we know how proxy chaining works, we can conduct our activities with relative anonymity. I used “relative” because there is no way to remain completely anonymous with the NSA spying on the world. The only thing we can do is make it a little harder to detect with proxy chaining.
Sources of Proxy chaining
- Docs – Claro
- Proxy chaining tutorials
- Library – Microsoft
- What is proxy chaining
- Free proxy sites list
- Public proxy servers
- Overview – torproject
- Chaining web scarab onto another proxy