Ethical Hacking Week 4: Anonymity in Port Scanning

This post assumes you are using Kali Linux.

Proxy Chains and TOR

One key thing to know before performing port scans is how to stay anonymous and mask your IP address. This is because most systems have firewalls that detect port scans and can easily find your information. The solution is a proxy: an intermediary machine whose IP address is detected instead of your own machine's. By connecting to the internet through proxies, your connection is more private and anonymous.

TOR is free and open-source software for anonymous communication. It directs internet traffic through a worldwide network in order to conceal a user’s location. Without TOR, your computer makes a direct TCP connection to the server of the website you are browsing, and the web server can easily detect your IP address. With TOR, your data is sent through multiple nodes and never reaches the web server directly. The exit node is ultimately responsible for contacting the web server, which makes it very tricky to trace your IP address.

Setup and Installation

First, check whether proxychains is already installed by running ($ sudo apt install proxychains). If the output says 0 packages were installed, then you already have it on your computer. Next, navigate to the directory that holds the proxychains config file, which can be found at (/etc/proxychains.conf). You can also use the locate command to find the config file; if proxychains is installed, the config file has to be somewhere on your system.

Next, open the proxychains.conf file with Vim or Nano, whichever you prefer. From that directory, run ($ sudo vim proxychains.conf). Press i to enter insert mode and change a few things in the config file. First, uncomment dynamic_chain (remove the #), then scroll down to the proxy list section at the bottom and add these lines: (socks4 127.0.0.1 9050) and (socks5 127.0.0.1 9050). After that, press Escape and type (:wq) to write/save and quit the file.

Next, check whether you have tor installed in the same way as above ($ sudo apt install tor). Once it is installed, start the tor service with ($ service tor start) and check that its status is active with ($ service tor status). Then press ctrl-z to exit the prompt but keep the service running. Ctrl-c would also exit the prompt but terminate the service. Finally, run ($ proxychains firefox google.com), check your IP address, and see whether your real IP is masked. If it is, you are successfully using proxychains!
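
A quick way to confirm that the config edits from the steps above actually landed in the file, as an added example that is not part of the original post. The function names are hypothetical, the sample config is constructed, and the check assumes that dynamic_chain should be the only chain mode left uncommented.

```shell
#!/bin/sh
# Added example: verifies the proxychains.conf edits described in this post.
# Function names are hypothetical; the sample config at the bottom is constructed.

# Print every uncommented chain-mode keyword, one per line.
active_chain_modes() {
    awk '$1 ~ /^(dynamic|strict|random|round_robin)_chain$/ {print $1}' "$1"
}

# Print uncommented "type host port" entries that follow the [ProxyList] header.
proxy_entries() {
    awk '$1 == "[ProxyList]" {inlist = 1; next}
         inlist && NF >= 3 && $1 !~ /^#/ {print $1, $2, $3}' "$1"
}

# Return 0 only if dynamic_chain is the sole active mode (assumption) and
# both proxy list entries from the post are present.
check_conf() {
    conf=$1; rc=0
    modes=$(active_chain_modes "$conf" | tr '\n' ' ')
    modes=${modes% }
    if [ "$modes" != "dynamic_chain" ]; then
        echo "chain mode: expected only dynamic_chain, found: ${modes:-none}"
        rc=1
    fi
    for want in "socks4 127.0.0.1 9050" "socks5 127.0.0.1 9050"; do
        if ! proxy_entries "$conf" | grep -qxF "$want"; then
            echo "proxy list: missing entry '$want'"
            rc=1
        fi
    done
    [ "$rc" -eq 0 ] && echo "config matches the steps above"
    return "$rc"
}

# Constructed sample: dynamic_chain was uncommented, but strict_chain is still active.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dynamic_chain
strict_chain
#random_chain
[ProxyList]
# defaults set to "tor"
socks4 127.0.0.1 9050
socks5 127.0.0.1 9050
EOF
check_conf "$sample" || echo "=> fix the items listed above and re-run"
rm -f "$sample"
```

To check the real file, call check_conf with the path from the post (/etc/proxychains.conf) instead of the sample.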
