Proxy Chaining ------------------------ Written By Dr.T/BCVG Network, May 2001 (c) [BCVG] Network, www.ebcvg.com ============================================= Introduction -------------- This tutorial deals with proxies, proxy chaining and how this technique can be used to become even more anonymous on the Internet while online. Why Did I Write This? ---------------------- I wrote this tutorial, because I have not seen any tutorial discussing proxy chaining. Most of the tutorials I have come across discuss only proxy servers and their most common uses. Proxy Servers ------------------- Although most Internet users have used a proxy server at least once, not many of them really understand how it works. This paragraph provides the basics on proxy servers, which are necessary for understanding of proxy chaining. In case you have already acquired this knowledge from some other source feel free to jump directly to the next paragraph. A proxy server is actually a gateway to the Internet for all connected to it computers (clients). It receives requests from the clients – like viewing a web page, connecting to an FTP server etc., - forwards them to the Internet and returns the response. The diagram below shows how a typical request is processed in the regular way and using a proxy server. Without a Proxy ------------------ 1. [User] ---> [web page] 2. [User] <--- [web page] With a Proxy ------------------ 1. [User] ---> [Proxy Server] ---> [web page] 2. [User] <--- [Proxy Server] <--- [web page] To speed up loading of web pages proxy servers store retrieved web pages in its cache. So, if a client request a web page, which has been requested earlier by any other client, this request is processed much faster. An obvious drawback of this feature is lack of synchronization – if you visit an online news site (like CNN or Yahoo) you expect to see it in the up-to-date state and not as it has been retrieved for somebody else hours ago. To overcome this problem proxy servers “refresh” the content of their cache, usually every 10 minutes. Proxy's cache ----------------- Check if exits in cache, if yes pull it out 1. [User] ---> [Proxy] / \ Otherwise connect to server Proxy Chaining --------------------- After a little introduction about proxy servers and their use now it's time to turn and explain about the subject of this tutorial - Proxy Chaining. Proxy chaining is merely connecting to more than one proxy and then to connect to your intended destination. There is no limit on the amount of proxies you can use and you can use as many proxy servers as you want. The more you have, the more anonymous you will be on the net. Lets take a simple example of Proxy chaining: [User] ---> [proxy1] ---> [proxy2] ---> [proxy3] ---> [web site] In the example above shows that for a proxy chain to be created, the user must first connect to proxy1. Once a connection is established, the user connects from proxy1 to proxy2, from proxy2 he connects to proxy3 and finally he connects to a web site or any other destination. If we look at the process above, we see that all together we have three proxies and to each proxy in this chain we call "link". The use of proxy chaining is very useful when you try to stay anonymous on the Internet because if someone tries to follow your tracks it will find the IP (Internet Protocol) of Proxy4. The problem with proxy chaining and with proxy servers in general is that they "die out" in few weeks and if one "link" is dead the entire chain is broken. Proxy chaining is a necessity if you plan an attack. If you plan to gain unauthorized remote access to any server, chaining is a must. Even though you will never be totally anonymous of the Internet and no matter what will you use. The concept of using proxy chaining is to make the tracking work much harder than before. Browser Chaining -------------------- I'm sure that most of you used a proxy to surf to do some other stuff and most of the time you wrote it down at your browser. Using proxy chaining in browsers is fairly easy. In this sample I'll use Internet Explorer. The first step is to find the Internet Options; you can usually reach it by right clicking on the desktop icon or by choosing it from the Tools menu. At the Internet Options Window you go to the Connections tab, then you go to the Setting button (not the LAN Settings) and there you should put a check in the box where is says "Use a proxy server". Now, if you wanted to use a proxy you would merely put the proxy address or its IP address in the "Address" field and put the proxy port number in the "Port" field. But if you want to use more than one proxy you should do it in the following way: First you put the proxy address along with a ":" colon, then the port number followed by a space separating the next proxy. You continue this process until you reach to the last proxy. When you reach to the last proxy you write in the "Address" space only the proxy address, but the port would be written in the "Port" space. One Proxy -------------- Address: 24.12.45.45 Port: 3280 Proxy Chaining ---------------- Address: 24.12.45.45:3280 121.67.22.33:444 45.189.164.3:55 111.2.3.22 Port: 4555 HTTP Chaining ----------------- I don't know how many of you used this feature, but I'm sure that part of you will find this feature very useful. HTTP Chaining is basically chaining a proxy in your browser address bar. The last sentence means that if you want to use a proxy in one or two specific web sites, you don't have to use the Browser Chaining, but you can use something simpler that I'm going to explain below. HTTP Chaining is basically very simple and here is an example of it: http://proxy1.hhhh.net/-_-http://www.yahoo.com The above sample shows how to use a proxy server in your address bar, notice that the proxy server and the destination separated by "-_-" (dash, underscore, dash). The sample will first connect to the proxy server and then it will send a request to connect to Yahoo web site. If you want to do a chain in such was you should do it like this: http://proxy1/-_-http://proxy2/-_-http://www.yahoo.com Another way is to use the proxy port number and write it down in the address bar in the following way: http://proxy1:4566/http://www.yahoo.com So, if you want to make chain you will do it in the following way: http://proxy1:4566/http://proxy2:233/http://yahoo.com Notice that when you write the port number, the proxies and the destination are separated by a forward slash (/) instead of dash, underscore, dash (-_-). Final Words --------------- If you have any questions contact me, Dr.T, root@ebcvg.com