SocksChain
Version 3.8
Sockschain is a program that allows to work with any Internet service through a chain of SOCKS or HTTP proxies to hide the real IP-address. SocksChain can function as a usual SOCKS-server that transmits queries through a chain of proxies. SocksChain can be used with client programs that do not support the SOCKS protocol, but work with one TCP-connection, such as TELNET, HTTP, IRC... (FTP uses 2 connections). And your IP-address will not be seen in the server's logs or mail headers;
What's new
Version 3.8
- Functionality of utility SocksCAP (automatic capturing WinSockets-API calls of client programs and relaying them through proxy-chain)
- Support of non-standard port numbers
- Remote domain name resolving (required if you have not access to DNS) & SOCKS4A protocol
Version 3.6
- Auto-upgrade function
- More robust testing of proxies
Version 3.0
- Support of HTTP-proxies with HTTP-tunneling support
- Function of proxy operability testing
- Setting of Internet connection type (i.e. it is possible to specify a fixed proxy that will be the first in all connections )
- Big database of proxies (a few hundreds of addresses)
Principle of operation
SocksChain transmits the TCP-call of a client program in such a way that it successively goes through a chain of proxies. SocksChain itself is connected only with the first element of this chain. That one in its turn is connected with the second and so on...
So, to track where the query was initiated from with the help of server logs is very complex. To do that, one should analyze the logs of all intermediates one by one in the reverse order. If somewhere the logs are not kept, the thread will be lost. Theoretically it provides a high degree of anonymity. But it affects the speed of data transmission as it is inversely proportional to the chain length.
SocksChain subsystems
Proxies manager
What is proxy
Proxy is a network computer that can serve as an intermediate for connection with other computers. They are usually used for the following two purposes:
- As firewall, which protects the local network from outside access
- As IP-addresses multiplexer, which allows to connect a number of computers to Internet when having only one IP-address
The program WinGate is often used as proxy.
Quite a number of such proxies are open to easy access.
In all variety of proxies there are 2 basic types of universal services, i.e. allowing to transmit any TCP-connections (not only, say, HTTP and FTP). Only they make a chain possible and, therefore, are useful for SocksChain:
- SOCK4 and SOCKS5 services. Their default port is 1080. SOCKS5 is the most universal service, as it allows not only establish TCP-connections but open a port for incoming TCP-connections (BIND operation ) and transmit/receive UDP-datagrams as well.
- HTTP-proxy with a possibility of SSL-tunneling. The default ports are 80, 8080, 3128. This service is less universal than SOCKS5, but by far more widespread.
Proxies manager deals entirely with proxies database support. It is called from the menu Options|Proxy Manager. The manager's functions include:
- Storing the list as an XML-file
- Refreshing the list from the server (Download button)
- Operability testing (Test All button). (By default it tests the connection with the server www.microsoft.com port 80, as the most powerful and accessible from everywhere).
- Notifying the server of the operability degree of the used proxies
Thus, the list of proxies is kept in a distributed way. The server script collects statistics on the most frequently used proxies. It is important since easy access to the proxy is often closed.
Format of XML-file SocksChain.xml
This file contains the table of known proxies. You can enlarge the file both from the program and manually according to the following example:
<SocksChain> <Proxies> <Proxy IP="12.1.68.100" SOCKSPORT="1080" SOCKS4="" SOCKS5="" /> <Proxy IP="12.2.81.50" HTTPPORT="8080" HTTPTUNNEL=""/> </Proxies> </SocksChain>
The presence of IP parameter is required. The presence of other parameters is optional and means:
- SOCKSPORT - port for services SOCKS4/5 (by default - 1080)
- HTTPPORT - port for HTTP-tunneling (by default 80, 8080, 3128)
- SOCKS4, SOCKS5, HTTPTUNNEL - parameters without specifying a value. Their presence means that the given IP-address has been checked on the functioning of a corresponding service.
If a few proxies have been checked for one IP-address, the priority goes to SOCKS5, then SOCKS and HTTP.
Server
The server deals with processing queries of Internet-clients. Its task is to redirect TCP- and UDP-connections to a certain route of proxies. The route can be specified manually or it can be made up automatically (here its length must be specified) with the available list of proxies.
The server allows to add a few Services on different ports. Each service may have its individual route and target server . The target server is needed only if the client program does not directly support SOCKS-protocol .
Here is the approximate list of popular programs that support SOCKS (no need to fill out the field TargetServer):
- mIRC
- ICQ
- InternetExplorer
- AdvancedDirectRemailer - remailer with built-in SMTP server that supports mailing lists, plug-ins and SOCKS-5 proxy
- WinGate
The programs that do not support SOCKS but allow to work through SocksChain:
- MS Outlook & OutlookExpress
- Telnet
- MS TerminalClient
Unfortunately the majority of FTP-clients cannot work through SOCKS. And since FTP uses not only outgoing TCP-threads, their redirecting through SocksChain is impossible.
When installing, the service is created by default on port 1081 (not 1080 since port 1080 is often occupied by some standard proxy, for instance, WinGate). You can change the proxy number to any vacant one on your machine. Respectively you specify 127.0.0.1:1081 as server address in the client's program. That is you need to connect your client's program, SocksChain, intermediate proxy and target server in a logic chain.
When the clients call the services, the process of successive connecting to the chain elements appears in the right bar of the main window.
When the server is added or modified, the setting window appears on the screen. Its basic elements include:
- Name - service name, it does not perform any function and it just has to be unique.
- Accept on port - port on your machine that is not occupied by any other service. It can be assigned arbitrarily. This particular number must be specified as server's port or proxy in the settings of clients program. If we, say, chose port 1081, then in the mailing client we enter SMTP-server: 127.0.0.1 port 1081 (127.0.0.1 always stands for the machine where the client is running)
- Auto-creating chain - automatic chain creation. When this option is selected, one should clear the list-box "Chain".
- Length of chain - length of chain that must be automatically created. Recommended values: 2-5. Longer chain makes being detected less possible but it affects the speed.
- Chain list-box - list of proxies through which the connection is transmitted.
- Target Host - a couple of host:port kind, the aim of the clients that do not support connection through proxies. For instance, Telnet: somehost.com:23. This address does not have to be a proxy.
- ProxyList - table of known proxies. Not all of them work continuously. That is why it is recommended to test them from time to time with the proxies manager .
If we leave the list and Target blank and disable Auto-creating, SocksChain will function as an ordinary SOCKS4/5 proxy. This mode can be helpful if you create the chain manually. In this case it is possible to do that step by step, set the client to work simply through SocksChain without proxies and then add them one by one.
General settings
The following parameters are set in the Tools|Options menu:
The program is created in conformity with the following documents: