Proxy Chains: Understanding and Using It.
Proxy chains, or proxy chaining, is the use of multiple proxies for internet packets to pass through, as opposed to just one proxy. Before delving into proxy chains, an understanding of proxies is essential.
What is Proxy Chains?
A proxy is a server that receives internet requests (or packets) from a client and forwards them to a destination server, working as a delegate for the client. The client never actually establishes a connection with the destination server; rather, the client connects to the proxy server, which in turn establishes a separate connection to the destination server. Likewise, the proxy receives any response coming from the destination server and forwards it back to the client. This way, the end server never knows of the client’s part in the connection.
There are many reasons why someone would use a proxy, some of which are:
• Circumventing censorship imposed by ISPs.
• Accessing services that are only accessible in certain countries.
• Anonymity and privacy.
Anonymity and privacy, however, are the uses our focus is on. When you connect to a server normally, your IP address is disclosed to the server, which is not favorable if privacy is a concern for you. In contrast with that, when you use a proxy to make the connection to the end server, only the proxy’s IP address is identified by the end server; yours is out of the picture.
This is effective, but not very anonymous. Having your connection bounce off one hub to the destination is not that much different from connecting directly. The traffic route isn’t complicated, and so it is not hard to analyze. Moreover, in extreme cases the proxy server could yield its IP logs when forced by the authorities. For these reasons, the idea of proxy chains emerged.
As previously stated, proxy chaining is the use of multiple proxy servers through which your traffic will go sequentially. In a proxy chain, you would first connect to, say, proxy1, which will subsequently establish a distinct connection to proxy2, and so on until your request reaches the desired server. You can add as many proxies as you want between the endpoints. This makes backtracing increasingly harder.
A proxy in the chain would only know of the proxies adjacent to it, namely the previous and the next one. This means only proxy1 will know your IP address, while the destination server will only see the IP address pertaining to the last proxy in the chain.
A downside of such chains is, unsurprisingly, a significant decrease in internet speed. Packets have to travel through many stations, resulting in a delay that amounts to the sum of delays in each of these stations. However, everything comes with a price, especially something as valuable as privacy.
Proxy Chains in action
How to set up Proxy Chains on Linux
If you do not have a Linux installation on your PC and do not want to install it, you can read how to set up Whonix here.
Our natural selection is an implementation called proxychains. Proxychains is a free, open-source program. You can read the source code or suggest improvements to the developers here. Assuming you are running a Debian-based Linux distro, type the following in the terminal to install proxychains:
sudo apt-get install proxychains
Upon completion, you will want to open proxychains.conf. This is the configuration file. To do so, type:
sudo gedit /etc/proxychains.conf
The configuration file should open and it will look like this:
In the upper part of the file, you can see a set of proxy protocols you can use. A quick summary on
• HTTP proxy – HTTP proxies are made to handle HTTP requests. However, using the CONNECT
method, they can be used for any other protocol.
• SOCKS proxy – SOCKS proxies are more generic than HTTP proxies. A SOCKS proxy is basically just a TCP socket
that can be used for just about any type of protocol. SOCKS4 is an old version while SOCKS5 is a newer
one that supports authentication and UDP forwarding.
There are three options in the configuration file regarding the proxies list. Removing the prefixed #
symbol activates the respective option. The dynamic_chain option uses every proxy in the list, in the
exact order they were written, but smartly skips ones that won’t work. Secondly, the strict_chain option
also uses every proxy in the list, in the same order, except that the connection stops when one of the
proxies in the sequence won’t work.
The random_chain option is a bit different. With this option, proxychains uses the proxies in the list in a
random order, that is, not the order they were written. On top of that, the value chain_len is set only
when random_chain is chosen. It specifies the number of proxies used for the random_chain option.
This option makes your connection patterns hard to follow.
The user can only choose one of the three options at a time. The proxy_dns option forces all DNS
queries to go through the proxies, which prevents DNS leaks. It’s on by default, and you would want to
always keep it on if you don’t want to give yourself away.
You can add your list of proxies at the bottom of the file. One of the entries set by default is Tor. To
make this entry functional you have to install tor. Type:
sudo apt-get install tor
Afterwards, type “tor” in the terminal to start it. Tor will listen for connections on localhost 127.0.0.1
port 9050 by default. Now it’s time to look for proxies! You can find a handful of public anonymous
proxies online. A good website that aggregates proxies and checks them periodically for availability is
free-proxy-list.net. Type the proxies you choose in the configuration file.
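A quick way to check the edited file against the rules described above, as an added example that is not part of the original article or the proxychains project: a small Python linter run over a constructed sample configuration. The function name, the sample text and the assumed `type host port [user pass]` entry layout are this example's own.

```python
import re

CHAIN_MODES = ("dynamic_chain", "strict_chain", "random_chain")
PROXY_TYPES = ("http", "socks4", "socks5")  # protocols the article lists

# Constructed sample config with deliberate mistakes (not a real deployment).
SAMPLE = """\
dynamic_chain
strict_chain
#proxy_dns
chain_len = 2
tcp_read_time_out 15000
[ProxyList]
socks5 127.0.0.1 9050
http 192.0.2.10 eighty
"""

def lint_proxychains_conf(text):
    """Return a list of warnings for the text of a proxychains.conf file."""
    options, proxies, warnings, in_list = {}, [], [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # a leading '#' disables a line
            continue
        if line == "[ProxyList]":
            in_list = True
        elif in_list:
            f = line.split()  # assumed layout: type host port [user pass]
            if (len(f) in (3, 5) and f[0] in PROXY_TYPES
                    and f[2].isdecimal() and 0 < int(f[2]) < 65536):
                proxies.append(f)
            else:
                warnings.append(f"line {lineno}: malformed proxy entry")
        else:
            key, *value = re.split(r"[\s=]+", line, maxsplit=1)
            options[key] = value[0] if value else ""
    modes = [m for m in CHAIN_MODES if m in options]
    if len(modes) != 1:
        warnings.append(f"expected exactly one chain mode, found {modes}")
    if "proxy_dns" not in options:
        warnings.append("proxy_dns is off: DNS queries bypass the proxies")
    if "chain_len" in options and "random_chain" not in options:
        warnings.append("chain_len only applies to random_chain")
    if not proxies:
        warnings.append("[ProxyList] has no usable entries")
    return warnings

if __name__ == "__main__":
    print("\n".join(lint_proxychains_conf(SAMPLE)))
```

To check the real file, pass the contents of /etc/proxychains.conf to `lint_proxychains_conf`; an empty list means none of these four mistakes were found.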
Now the configuration file is set! To use proxychains with any program, type proxychains before the program’s name.
For example, if you want to use firefox through proxychains, type:
To test the functionality of proxychains, use an IP address identifier website like
whatismyipaddress.com and see if your real IP is shown or not.