green padlock on pink surface
Fri Feb 10

Going Anonymous with Proxychains

Anonymizing yourself on the internet can be an extremely difficult thing to achieve. In fact there are so many ways that your identity can be revealed, even if you think you’ve taken all the necessary precautions. For example, your IP address can be tracked, your browsing history can be monitored, and any personal information that you share online can be used to identify you.

One thing that may also come to your mind in terms of anonymity is likely to be the TOR. While in fact, this is quite a decent tool to achieve the goal, it comes at a cost of performance. To some extent, going through a multi-layered network can be extremely slow thus making it impractical to use on a daily basis. If this is your case, Proxychains may come in handy.

In this article, we are going to explore the features, capabilities and limitations.

What is Proxychains?

To understand what this is, it would be helpful to understand the concept of how TOR and a proxy server work.

Here, you can find a more detailed explanation of what the TOR is. In short, the internet traffic that you send will be forwarded with three randomly selected servers called nodes in the TOR Network. The traffic that you send will also be encrypted with several layers which can only be decrypted at a certain stage.

Another article [here](https://www.binaryte.com/blog/what-is-a-proxy-server- and-how-does-it-work) will help you to understand about proxy servers and how proxies work. Then, what about Proxychains? Proxychains is a powerful tool to have your internet traffic going into a series of proxies before reaching the target server. It works by forcing any TCP connection made by the client to follow through a set of proxies specified from the configuration file.

Advantages and Disadvantages of Proxychains

While both TOR and Proxychains work similarly by routing the internet traffic using multiple servers, there are still some differences between the two, thus making it more or less beneficial over the other. Here are some aspects to consider.

Anonymity and performance

In terms of anonymity, TOR offers a higher level of anonymity as compared to Proxychains. This is related to TOR which uses the layered encryption described earlier. Additionally, the volunteer-operated servers that make up the Tor network may have varying levels of speed and reliability, affecting the overall performance.

Proxychains by default does not use encryption from the client to the first server or to subsequent servers. As a result, by using Proxychains, the established connection will have much better performance than TOR. Although TOR and Proxychains still depend on the speed and reliability of the server used, encryption will have a huge impact on both performance and anonymity.

Security

Even Though TOR can provide a higher level of anonymity, in fact TOR cannot be said to be ‘very safe’ to get the desired anonymity. Despite the difficulty of tracking down the TOR network users, every node in TOR has been known to be constantly monitored and tracked by the government agencies and any other groups. The reason is that all of the TOR network nodes are listed and publicly available.

The Proxychains servers are less likely to be monitored, as the proxy list can be configured manually by the user. It is also possible to change the proxy list partially or entirely, making it much harder to track and monitor.

Control

As we know, the nodes in TOR are randomly selected in a network. At this point, the Proxychains thrives as it allows clients to have more control over the proxy they want to use. The client is also given the flexibility to use the desired proxy type (HTTP CONNECT, SOCKS4, SOCKS5) or choose the country where the proxy server is located.

Proxychains chaining options

Proxychains have several options that can be used to determine how the proxy list should be treated. This set of proxies will then be executed by following the rule of previously chosen chaining options.

Dynamic chains

Dynamic chaining allows you to connect through several proxies that you have entered in the proxy list. In the event that one or more proxies are down, at least one proxy in the online proxy list is required to allow a connection.

Strict chains

If in dynamic chaining, at least one proxy is needed to establish a connection, strict chaining requires that all proxy lists are online (none of them are dead), to be able to establish a connection.

Round robin chains

The round robin chain works similarly to a dynamic chain. However, its execution order is slightly different from dynamic or strict. For example, say that we have 3 proxies: A, B, and C. On the first execution, chaining will be done with the A->B->C rules. The next chaining will start from B so that the chaining will follow the B->C->A pattern and so on. The fourth execution will start again from the beginning, so the chaining will follow the A->B->C pattern again.

Random chains

If both dynamic and strict connections are executed sequentially, random chaining will randomly select the proxy server to use from the proxy list that we have previously defined in the proxy list.

Additional chaining settings

If enabled, either round robin or random chaining will require a certain number of the proxy servers to be able to establish a connection. This can be configured by replacing the number in chain_len with the number of proxies we want.

Proxychains configurations

You will need to configure the config file in order to use the Proxychains properly. You can find the config in /etc/proxychains4.conf. If you can’t find the file, you probably need to install it first. To do that, you can type sudo apt install proxychains4. To activate any configuration, just remove the # (hashtag) symbol in front of the command line you want to enable.

While you can read and edit on your own by reading the commented description, let’s focus on some particular points only. To edit the file you need any text editor. You can edit it with a terminal using nano or vim or do it manually from the file manager. Type this to start editing the config file.

nano /etc/proxychains4.conf

At the top, you can find some of the previously mentioned options. You can choose one based on your needs. Make sure to uncomment the chaining options you want to use, and comment out the other ones.

For example, we would like to implement the dynamic chain. To do this, you can uncomment the dynamic_chain and comment out strict_chain.

# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
#strict_chain
#

Now, let’s focus on the very bottom of the file, where you can set your own list of proxies. Now, find this section.

# ProxyList format
#       type  ip  port [user pass]
#       (values separated by 'tab' or 'blank')
#
#       only numeric ipv4 addresses are valid
#
#
#        Examples:
#
#               socks5  192.168.67.78   1080    lamer   secret
#               http    192.168.89.3    8080    justu   hidden
#               socks4  192.168.1.49    1080
#               http    192.168.39.93   8080
#
#
#       proxy types: http, socks4, socks5, raw
#         * raw: The traffic is simply forwarded to the proxy without modification.
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks4  127.0.0.1 9050

By default, the proxy list is set to use TOR. Regardless, Proxychains don’t seem to provide any available proxies. You can find it yourself by simply doing some search on the internet. Reddit or Github could be very useful.

You may also wonder what SOCKS4 and SOCKS5 are. In essence, SOCKS (Socket Secure) is protocol used for route network packets through remote proxy servers. SOCKS5 is an improved version of SOCKS4 which is more secure. So, you may prefer SOCKS5.

After some research, we got some ready to use proxy. Here they are.

http 65.108.230.238 46098
socks4 103.76.190.81 4153
socks5 50.30.90.79:8111

You can set them to your proxychains.conf file. You can choose to keep socks4 127.0.0.1 9050, if you want to use TOR. In this case, we don’t want it, so the proxy list section should look like this.

[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
http 65.108.230.238 46098
socks4 103.76.190.81 4153
socks5 50.30.90.79:8111

It is important to note that these sets of proxies may not work every single time. That being said, you need to update this frequently in case the proxies are unusable. To make things easier, you can consider making your own script to let the list update daily by using cron.

Executing Proxychains

We recommend you to use any DNS leak test to test any outgoing traffic. To do this, you can simply type this on the terminal.

proxychains4 firefox dnsleaktest.com

Now, compare the result without using Proxychains. To do this, simply open your browser and see the result. If it shows a different result, you have done it successfully.

Conclusion

At some point, you may find the TOR to be more useful in comparison to proxychain or vice versa. Sometimes, you probably need the two to work together for a greater level of anonymity. You can choose which one is best suited to your needs based on their respective pros and cons. After all, use this knowledge for educational purposes only. We neither recommend nor promote any illegal activity being carried out while anonymizing yourself online.

You might like

A Comprehensive Guide to LDAP Injection

LDAP Injection is a serious threat to your web applications. Find out how attackers can exploit it, how you can protect yourself, and how you can test your defenses in this ultimate guide.
What is /dev/null in Linux?

Discover the purpose and functionality of /dev/null in Linux. Learn how to discard unwanted data, silence output, and efficiently manage system resources. Explore the null device in the Linux file system.