Anonymous proxy is used to hide your source information that includes UserAgent, YourIP, and many other header information can be hide easily.
In this Howto, we will configure our proxy to work highly anonymously with squid authentication, We will use CEntOS 5.5 with squid 2.6 stable21 release.
Squid Installation
yum install squid
User Authentication
User authentication is necessary to restrict it for personal use only.
vi /etc/squid/squid.conf
add;
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off acl px-users ident testuser http_access allow all px-users
save the file.
htpasswd -md /etc/squid/passwd testuser
New password:
Re-type new password:
service squid start
Now, set your browser to use this newly configured proxy and go to Verify your proxy header and you should see following header;
HTTP_CACHE_CONTROL:max-age=259200 HTTP_CONNECTION:keep-alive HTTP_VIA:1.1 hackersgarage.com:2312 (squid/2.6.STABLE21) HTTP_CONTENT_LENGTH:0 HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 HTTP_ACCEPT_CHARSET:ISO-8859-1,utf-8;q=0.7,*;q=0.7 HTTP_ACCEPT_ENCODING:gzip, deflate HTTP_ACCEPT_LANGUAGE:en-us,en;q=0.5 HTTP_HOST:www.proxydetect.com HTTP_USER_AGENT:Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 HTTP_X_FORWARDED_FOR:222.223.32.13
π Ops.. It is disclosing all information are we running. Lets make it highly anonymous.
Making it Highly Anonymous Proxy
Before making it highly Anonymous ProxyΒ Note WARNING: Doing this VIOLATES the HTTP standard.
vim /etc/squid/squid.conf
add following;
## HackersGarage.com - ACL forwarded_for transparent header_access Allow allow all header_access Authorization allow all header_access Cache-Control allow all header_access Content-Encoding allow all header_access Content-Length allow all header_access Content-Type allow all header_access Date allow all header_access Expires allow all header_access Host allow all header_access If-Modified-Since allow all header_access Last-Modified allow all header_access Location allow all header_access Pragma allow all header_access Accept allow all header_access Accept-Enncoding allow all header_access Accept-Language allow all header_access Content-Language allow all header_access Mime-Version allow all header_access Cookie allow all header_access Set_Cookie allow all header_access Retry-After allow all header_access Title allow all header_access Connection allow all header_access Proxy-Connection allow all header_access All deny all header_replace User-Agent anonymous
squid -k reconfigure
Now go to Verify your proxy header and you should see a new header which is highly anonymous.
HTTP_CACHE_CONTROL:max-age=259200 HTTP_CONNECTION:keep-alive HTTP_CONTENT_LENGTH:0 HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 HTTP_ACCEPT_LANGUAGE:en-us,en;q=0.5 HTTP_HOST:www.proxydetect.com HTTP_USER_AGENT:anonymous
Got a problem? Ask below π
12 replies on “Highly Anonymous Proxy squid 2.6 stable21 release”
Does this makes my ip unkonown on services like http://www.whatismyip.com, domaintools.com, or http://www.who.is?
Can you be a little more specific?
When we go to http://www.whatismyip.com there is a IP address(public i guess, at upper middle position of page, in a biggest font).
What IP will be shown if we use squid as you sugested? Public IP address your squid using or UNKNOWN or what?
Your Proxy IP will be shown in a big FONT :-D.
Your original IP will not be visible and other header information that includes your proxy information. It will make it like you are using direct internet connection not doing proxy your requests π
π thnx..
I have a problem with anonymous squid 2.5.
It all works well except for facebook, it looks VERY strange.
squid.conf (relevant part) :
forwarded_for off
header_access From deny all
header_access Server deny all
header_access WWW-Authenticate deny all
header_access Link deny all
header_access Cache-Control deny all
header_access Proxy-Connection deny all
header_access X-Cache deny all
header_access X-Cache-Lookup deny all
header_access Via deny all
header_access Forwarded-For deny all
header_access X-Forwarded-For deny all
header_access Pragma deny all
header_access Keep-Alive deny all
Help!
@ Velda
replace forwarded_for off with
forwarded_for transparenthow to save file after we add
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl px-users ident testuser
http_access allow all px-users
You must be kidding.
I suggest setting your user agent to something more common than the word “anonymous” otherwise you’ll be the only user with that user agent in your entire city – and because of that, hardly anonymous.
If I keep my web server behind the this proxy, what will be happened? Please make me clear.
Thanks & Regards.
There may have been some changes because I’ve tried this exact setup using Hamachi and Squid. Both IPs are coming up. If I forwarded_for transparent, or on, or off, or delete or any combination it removed my Proxy IP and simply displays my actual IP. In no circumstance is simply my Proxy IP coming up alone.
Is this a Hamachi problem? I’ve tried with Privoxy instead of Squid and the same results occur. Would using a solution like OpenVPN and Squid instead of Hamachi fix this? Let me know.