Tag: squid

Categories
HowTos Linux

Highly Anonymous Proxy squid 2.6 stable21 release

Anonymous proxy is used to hide your source information that includes UserAgent, YourIP, and many other header information can be hide easily.

In this Howto, we will configure our proxy to work highly anonymously with squid authentication, We will use CEntOS 5.5 with squid 2.6 stable21 release.

Squid Installation

yum install squid

User Authentication

User authentication is necessary to restrict it for personal use only.

vi /etc/squid/squid.conf

add;

auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

acl px-users ident testuser
http_access allow all px-users

save the file.

htpasswd -md /etc/squid/passwd testuser

New password:
Re-type new password:

service squid start

Now, set your browser to use this newly configured proxy and go to Verify your proxy header and you should see following header;

HTTP_CACHE_CONTROL:max-age=259200
HTTP_CONNECTION:keep-alive
HTTP_VIA:1.1 hackersgarage.com:2312 (squid/2.6.STABLE21)
HTTP_CONTENT_LENGTH:0
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_CHARSET:ISO-8859-1,utf-8;q=0.7,*;q=0.7
HTTP_ACCEPT_ENCODING:gzip, deflate
HTTP_ACCEPT_LANGUAGE:en-us,en;q=0.5
HTTP_HOST:www.proxydetect.com
HTTP_USER_AGENT:Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
HTTP_X_FORWARDED_FOR:222.223.32.13

🙁 Ops.. It is disclosing all information are we running. Lets make it highly anonymous.

Making it Highly Anonymous Proxy

Before making it highly Anonymous Proxy  Note WARNING: Doing this VIOLATES the HTTP standard.

vim /etc/squid/squid.conf

add following;

## HackersGarage.com - ACL
forwarded_for transparent
header_access Allow allow all
header_access Authorization allow all
header_access Cache-Control allow all
header_access Content-Encoding allow all
header_access Content-Length allow all
header_access Content-Type allow all
header_access Date allow all
header_access Expires allow all
header_access Host allow all
header_access If-Modified-Since allow all
header_access Last-Modified allow all
header_access Location allow all
header_access Pragma allow all
header_access Accept allow all
header_access Accept-Enncoding allow all
header_access Accept-Language allow all
header_access Content-Language allow all
header_access Mime-Version allow all
header_access Cookie allow all
header_access Set_Cookie allow all
header_access Retry-After allow all
header_access Title allow all
header_access Connection allow all
header_access Proxy-Connection allow all
header_access All deny all
header_replace User-Agent anonymous

squid -k reconfigure

Now go to Verify your proxy header and you should see a new header which is highly anonymous.

HTTP_CACHE_CONTROL:max-age=259200
HTTP_CONNECTION:keep-alive
HTTP_CONTENT_LENGTH:0
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_LANGUAGE:en-us,en;q=0.5
HTTP_HOST:www.proxydetect.com
HTTP_USER_AGENT:anonymous

Got a problem? Ask below 🙂