Proxy/Wingate/Socks

Intro, intermediate and advanced HOWTOs and discussion.

Proxy/Wingate/Socks

Postby weazy » Fri May 30, 2003 5:27 pm

Posted by: Ravish
Courtesy of Hacker Gurus (now defunct)

In this tutorial I will teach you What is a Proxy? What is a Wingate? What is a Socks host? and how you can use them to increase your anonimity on the net.
I am writing this tutorial in order to help people to defend themselves. Though, I don't encourage any type of illegal activities but if you think that breaking the law is good way to impress your friends then don't come crying to me if you have been screwed up.

In this tutorial I will teach you What is a Proxy? What is a Wingate? What is a Socks host? and how you can use them to increase your anonimity on the net.

Introduction to Proxy Server.
Proxy Server is a server that someone has setup on his system so that in order to connect to a website's server or any other computer over the internet you have to first connect to the proxy server. Although its not always compulsory but it is mostly used on networks such as LAN. If you are connect to the internet through a proxy server then all your connections first goes to that Proxy Server and then to the computer you want to connect. For example if you are connected to internet through a proxy server and you want to open a site http://hackergurus.tk, In such case you would first request to the proxy server and then the proxy server will request for the page http://hackergurus.tk to the server of my site and then downloads it and stores it in its cache and then supply it to you. Huh, doesn't that make the process little bit longer in comparasion to a direct connection where you just request a page to the site's server and just simply downloads it. Yes, you guessed right. If you connect through a proxy server then your connection would also be slower than the direct connection because everything that you want to download is routed through the proxy server. But, If someone using the same proxy server downloads a page and some other person requests for that same page to the same proxy server, then the proxy server will just sipmly pass the page to you from its cache instead of first downloading it from the web server. That page may be little bit out dated because that page is the older version which supplied from the proxy server's cache. In order to download the newer version of the page then siply click the "Refresh" or the "Reload" button of your browser which will repeat the above process and get you the page from the web server.

Why use a Proxy Server?
I bet that most of the newbies out there would ask the question that if a proxy server slows down our download speed that what is the need of a proxy server? Why should we use it? In some cases proxy server may allow you better surfing speed. For example: An ISP (Internet Service Provider) using a proxy server can provide you a web page of a popular web site at a faster speed in comparasion to the direct connection because it would just provide you that page from its cache. it cuts down on overall traffic for their network, and speeds up surfing for their users.
Another reason for using a proxy server could be to improve your anonimity. Yes, you can make yourself harder to track by using a proxy server because if you connect to a server using a proxy server then the server would get the IP address of the Proxy Server because you are not connected to the server, proxy server is connected to that server, you are just connected to the proxy server. You can make yourself more harder to track by chaining several proxies. But, it would make your speed more slower. You can improve your speed by connecting to a proxy server which is nearer to you i.e. in the same Country or your speed may also improve if you are using a larger and popular proxy instead of a smaller proxy. If its Microsoft don't bother, they'll probably log your every move. If it's anonymous or if it's one that says anyone in the public can use, then go for it. To find out this info you would usually have to check with the proxy server's admin's website.
Oops! Another reason that I forgot to tell you that you can also use a proxy server to connect two or more computers to the internet using only a single internet connection, Though, it is only possible if those computers exists within a same network such as a LAN (Local Area Network).

Introduction to Wingate?
WinGate is a proxy server firewall software package that allows you to share a single (or multiple) Internet connections with an entire computer network. The Internet connection shared by WinGate can be of nearly any type, including dial up modem, ISDN, xDSL, cable modem, satellite connection, or even dedicated T1 circuits.

Wingate is similar to a Proxy Server which connects a computer to another server through it on port 23. In fact, it's just a telnet connection. The Wingate will let anyone on the network access the Internet or connect through it to other sites. Due to poorly configured wingates and Administrator's incompetence, there's a lot of wingates that will let anyone on the Internet connect through them, instead of limiting access to people from the local network. Opening the way for anything from an IP spoof on ICQ or irc to full scale abuse. Such wingates are called "Open Wingates" and usually last from anywhere from a few days to maybe a few months until an Administrator either discovers it or gets complaints about some "mysterious" users doing something they shouldn't be. Most likely in that case it's someone connecting over the Internet.

The only benefit for administrators is the ability to put multiple users through the same connection. The problems with it clearly outweigh the benefits. If anyone is going to set up their own wingate, I'd suggest strongly that you know what you are doing and make sure that is configured securely so that only those that are meant to use it, are the ones using it. Another more secure WinGate-like software is SyGate.

In most of the cases the logs of the wingate server are cleared usually after every 48 hours. Most businesses and ISP's (especially the big ones) just don't have the need or the resources to log every single thing that happens on their wingate servers.

How do I find Wingates?
The best way to find a Wingate is a word of a mouth. You can get the address of a wingate from your friend who already knows one. The second that I would suggest you is to use a Wingate scanner. There are lots of Wingate scanners available over the net. You can also download some of them from our downloads section. All you need to do is just fed them an IP range or a hostname which you want to scan. I would recommend you to first scan the IP's in third world countries, the Middle East (except Israel), Africa, and on the @home network all have one thing in common: They all have wingates that are poorly configured and there are usually a few open wingates on their networks.
Through Unix, the best way is: trial and error. telnet to the wingate through port 23, then leave the user name and password blank and if you get in, you've found one. You might also want to try username and/or password as: wingate or you can also try "guest" or something like that.

Using Wingates with ICQ.
In order to configure ICQ to work with a wingate just follow the following instructions:
Go to WinGate Setup Screen and click on the Proxies Tab
Press ADD
Select Type of Proxy: 'Mapped Link'
Press Create
Under the Settings Group check 'Enable Connections To Proxy On Port.' Put the number 3333 in this window.
Set The Socket Type to: 'UDP'
Make sure that 'Destroy Inactive Sessions after XXX seconds' is NOT Checked.
Make sure that 'Enable Default Remote Host' is Checked and set to: icq.mirabilis.com Port: 4000
For each remote machine:
Press Add.
In 'Connect Client IP' enter the IP of the remote machine
In 'To Host' enter icq.mirabilis.com
In 'Port' enter 4000
Press OK
Now press DONE.
You will now be at the main WinGate setup screen.
Make sure that there is a SOCKS4 Proxy Enabled on Port 1080
Press SAVE
Check it out at your remote machine
Remote Machine Configuration
If you still did not pass the ICQ Registration Wizard:
At the Registration Wizard under Connection Type register as a LAN User.
Choose 'I am behind a firewall or proxy.'
Click Next for the next dialog.
Choose either Socks4 or socks 5 server depending on the compatibility of the proxy server
Do NOT mark the firewall sessions time out
click Next for the next dialog.
Enter the servers' IP address using socks port 1080.
Click Next for the next to see if you have succeeded to register.
If you fail to register, you will receive the a dialog telling you so.
Try one or more of the following:
Click Retry to try again using the same settings.
Hit the Back button to change the firewall settings.
Click Cancel to abort. Reconfigure your firewall settings and try again by running ICQ.exe.
Additional Remote Machines:

For any additional Remote Machines on your network, Do exactly the same procedure as specified in Remote Machine. Use EXACTLY the same numbers and setup. You only have to look up the IP address of the Host one time on any one of the remote machines in its HOSTS file.

Using Wingates with IRC.
You can use a wingate with IRC pretend that you are from some other place. You can also use this in case you have been banned from an IRC server. In order to configure your IRC client to use with Wingate, siply tell your IRC client that you're behind a SOCKS4 or SOCKS5 (again, depending on the Wingate. Try both and see which one of them work) and enter the Wingate's IP. If you are asked for a username and a password, leave these fields blank. Since, there are so many clients out there so I would not explain each and every client. I would only explain configuration mIRC (you can get it from http://mirc.co.uk). So, to conigure mIRC to use with Wingate just follow the following steps:

Click at File > Options.
Now click at Firewall option on the left side of the box.
This will represent you with the firewall setings.
Now, Check both the options "Server" as well "DCC" where it is written enable firewall support for:
Now in the protocol section select anyone Socks4 or Socks5 depending on the wingate.
Now feed the IP address of the wingate in the field "Hostname" and fill UserID and Password if any else leave it blank.
Now, give the port of the Wingate at the place of Port:
Click Ok and everything is done!

In order to configure Wingate with any other IRC client see its help file and explore your client your self.

Introduction to Socks Host.
Socks host is pretty much almost the same thing as wingate except it connects through port 1080. In your settings for proxy server in your internet browser (explorer or Netscape) you should notice a setting for socks host. You can enter a socks host. If you have ever used mIRC for IRC, you'll notice a setting for firewall. In that setting leave the username and password blank, leave the port as 1080 and enter a wingate address in the Hostname, then click Use Socks firewall, and try either protocol: Socks4 or Socks5 (whichever works for you). Reconnect and you should notice that your IP address and identify will appear on IRC as if you are connecting through the same IP address as the socks host. Not all wingates will work as a socks host. Remember it has to be able to let you connect through port 1080 or else its no use in irc. Newer IRC daemons can however detect wingate/socks host connections. With the web, it's not useful. It may or may not hide your IP address depending the type of websites you are connecting to. For web anonymity stick to multiple Proxy servers.

That's from me for this tutorial. But, use the proxies/wingates/socks hosts with caution. In some cases this may be illegal. Also, you can not say that you are 100% untraceble by chaining several proxies/wingates. One can get your IP address and your ISP by just a little co-operation with the system administrators of proxies/wingates/socks host.
--The Devil is in the Details--
User avatar
weazy
Ex-Admin
 
Posts: 1688
Joined: Sun Jul 07, 2002 10:02 am
Website: http://www.hackerthreads.org
Location: any given

Return to ā€œ%sā€ Linux & BSD Tutorials

Who is online

Users browsing this forum: No registered users and 0 guests

cron