For whatever reason, you find yourself using a tool like nmap or nikto. Running scans on different websites and IP addresses can be ethically beneficial. Even if you’re not an ethical hacker/penetration tester, utilizing security scanners or web server scanners can still give you peace of mind. Finding potential vulnerabilities in websites you wish to use is a wise move. However the issue is avoiding exposure from security admins, technologies, and forensic investigators in the process.
When you’re establishing a TCP connection to a targeted host, you’re giving that system access to vulnerable information. This information includes your IP address. Can you guess what that means for logged connections that raise red flags? A good way around this is utilizing a tool like Proxychains to proxy your traffic.
To make things simple, Proxychains provides a different IP address to any executed command via the syntax: Proxychains <the command you want proxied> <any arguments>
Codingsec writes of Proxychains features in their ethical hacking tutorials blog,
- The latest version of Proxychains support SOCKS5, SOCKS4, and HTTP CONNECT proxy servers.
- It can be mixed up with a different proxy types in a list.
- Proxychains also supports any kinds of chaining option methods, like: random, which is it takes random proxy in the list stored in configuration file. or chaining proxies in the exact order list, different proxies are separated by new line in a file. or dynamic option, that let Proxychains to go through the live only proxies, it will exclude the dead or unreachable proxies, the dynamic option often called smart option.
- Proxychains could run or handle any TCP client application, ie., nmap.
In conclusion, if you’re going to be testing the vulnerabilities of popular websites without permission, Proxychains or something similar is definitely necessary. Proxychains can also be configured with Tor for maximum security when browsing (see comments as well).