
This is the latest (and lightest) version of the 'Proxy Posters Tool Kit' in the form of a Guide, as this version contains no binaries, just a few links to freeware and shareware.
Mission Statement:
The purpose of the Proxy Posters Tool Kit is to provide people with the information and tools to be able to post to UseNet with as close to total anonymity and safety as is possible.
Whether you post text or binaries, posting entails some loss of privacy. If you post from your ISP, your IP-address (Internet Protocol address, a unique identifier for each node on the internet) shows in the 'NNTP-Posting-Host' header of the message; if you post through a commercial NSP (News Service Provider), then it is known what NSP you subscribe to. Anyone who wants to, who has the proper credentials or friends, and who knows how can track you down without breaking a sweat.
Posting by proxy virtually eliminates any loss of privacy.
What is a Proxy?
A proxy is any computer that stands between your computer and the destination computer (technically a router is a proxy, but a totally UN-anonymous one). The proxy relays all messages to-and-from the destination and your computer. Thus you can use a proxy to send mail to an SMTP server that you have outside your ISP, and have the IP that shows in the headers of that mail be that of the proxy, not you. Posting to UseNet is similar to e-mail except that the messages are public and can be read by anyone.
There are two schools of thought concerning "open" proxies (proxies that are not secured by a password). One school says that the proxy is left open by mistake, and the owner never intended for anyone to find it and use it. The other school is the one which is proposed by the WarezFAQ, which is that owners of proxies are knowledgeable computer users, not neophytes prone to obvious mistakes, such as leaving the proxy open. Since most proxy software can be set to secure-mode by a simple checkbox during set-up, unsecured proxies are almost certainly that way by design. The knowledgeable computer user knows that his open proxy will be scanned sooner, rather than later, and added to the lists of open proxies on web sites. It is unlikely that a neophyte computer user would be setting-up a proxy on his/her computer, so we must assume the proxy is there by design, and we can use it freely so long as we don't abuse it by using it to spam, for example.
Why post through a proxy?
By posting through a proxy the source of the message is effectively hidden. No one can tell the true origin of the message based on header information. Anyone posting "controversial" material, be it text or binaries, is well-protected when one or more proxies is used to conceal the origin of the post.
Proxies can be "chained", which is to say you can include in the message-routing information a series of proxies, not just one. You can tell proxy 1 to forward the message to proxy 2, and proxy 2 to forward the message to proxy 3, and proxy 3 to forward the message to a destination, such as a news server. Since many news servers use authenticated access methods, the final news server should be one to which you have legitimate access, such as an anonymously-obtained commercial NSP. All chaining is handled automatically by SocksChain (q.v.). Simply tell it how many proxies to include in the chain and it does the rest.
How can you get an anonymous NSP?
There are always several free servers which allow posting; one such at the time this is being written is at http://www.usenetzone.com. You can obtain a free account with them using a webmail email, such as Hotmail or Yahoo. Additionally there are several NSPs that allow you to send them money-orders for payment. You can obtain an account with them using an anonymous web-mail (such as a free Hushmail account) for the e-mail information they need to send you login/password, and an anonymous money-order. Some have non-recurring, bulk-byte accounts, where you buy a certain amount of bytes to download, such as 10 gigabytes for about $10 USD.
(Some technical talk, you can safely skip this paragraph.) These block byte accounts are ideal as posting accounts, but as posting entails some bytes downloaded as you post (the 'SACKS' or "server acknowledgements" sent to you for each packet that you upload,) they won't last forever. Some servers don't count the SACKS as bytes downloaded, but some do. Typically SACKS run about 2% of the upload; so to run out of bytes on a ten-gigabyte block account you would have to upload 500 gigabytes. The actual amount will vary depending on the packet size and the number of times a packet has to be sent/resent.
You should not use any NSP account directly from your ISP if you wish to maintain total anonymity at all times; instead always use at least one proxy to access that account. That way they never have your true IP address.
Must you purchase an account at an NSP if there are no free servers with good propagation right now?
You should, even though it is possible that the (final) proxy itself may have unauthenticated news-server access, i.e. access that does not require a user/pass to log on to the news-server. Such access is typical for many Cable ISPs, because the modem is hard-wired into the network with a fixed IP, so the news-server need only check that the IP is an authorized one. You really should *not* use such access however, as you're not entitled to do so. That is only supposed to be used by a subscriber to that ISP. You are more likely to incur the wrath of an ISP for improperly accessing the newsgroups than you are to run afoul of any LEA (Law Enforcement Agency or Authority) for posting copyrighted material. One fellow posted to his own cable ISP's no-password-needed news-server via proxy! Technically, since he was a subscriber, he was authorized to access the news server, but he was untraceable because he used proxies to get to it.
How hard is it to use proxies?
At the present time, with software like SocksChain from Ufasoft, it is about as hard to use proxies as it is to use a toothbrush.
Once your posting application has been added to SocksChain's program-list (drag and drop works fine,) you then use SocksChain to start the posting application (by double-clicking the application's name in SocksChain's little list window). Once the program has been started all proxy use is transparent to the program, as all proxy information is handled by SocksChain (Shareware) which you can get at:
http://ufasoft.com/socks/
For most users the un-registered freeware-version is perfectly adequate. That limits you to a working list of 100 proxies, compared to the registered version's unlimited number of working proxies. Ufasoft maintains lists of proxies, which current versions of SocksChain will download at the click of a mouse. It also tests them, and marks those that are no longer usable. Delete those and you will have a working list of public proxies. Currently that usually ends-up at around 5-10 working proxies after a fresh proxy-download-and-test cycle.
Once you have downloaded and tested a list of proxies you then click on the "test chain" and add some proxies from the list. If you are chaining proxies, so that two or more proxies will be used, add one or more to the upper "chain-area" box, and one or more different proxies to the lower "final proxy" box. Select how many proxies should be chained, and how often (if at all) the chain should be rebuilt. Add your posting application to SocksChain if you have not already done so, and that's about all the set-up you need.
You will need to update the proxy-list from time to time, because as proxies are used they are shut down. This update only takes a few seconds to download, a couple of minutes to test, and another minute or two to setup your "test chain", so it is not a difficult or time-consuming chore.
How many proxies should you use?
That depends upon the degree of security you feel you need. Remember that the more proxies you put in the chain the slower things go, and the more likely that one or more proxies will fail to deliver the message properly. For posting to UseNet two or three total proxies should be adequate.
There are other programs that work in a manner similar to SocksChain. SocksCap, which is a free program, can encapsulate a program to enable it to run through one proxy, but not a chain. Naturally, that is much less secure than a chain of proxies. There are other programs that allow chaining proxies, but software comes and software goes. It would be best to search-out the latest software at the time you read this. SocksChain and SocksCap are mentioned only as examples, to give you a head start.
How much safer is proxy-posting than direct posting?
In proxy-posting the posts travel through other computers before reaching the destination server. These computers are running proxy software which, for the most part, does not do detailed logging. Many such proxies keep no logs at all. Some types of proxies are *not* anonymous; in order to remove them from your list of working proxies you will need another tool to determine the degree of anonymity of the proxy. The proxy-verifier in Advanced Administrative Tools, by G-Lock Software, does a very good job of determining the degree of anonymity a proxy provides. Get it at:
http://www.glocksoft.com/aatools.htm
A fair job is done by Proxy-Checker:
http://www.helllabs.com.ua
While it doesn't tell you directly how private a proxy is, it will tell you if an HTTP proxy is "Elite". An HTTP-elite proxy is completely anonymous, as Socks-4 and Socks-5 proxies are.
Additionally there are always some websites that provide lists of free proxies, and they usually have web-based testing as well. If SocksChain doesn't give you enough working proxies when you tell it to update, you can easily expand your working repertoire using such a web site. Since these sites go up and down frequently, we're not going to give you links, you should web-search for current sites.
You can always tell the degree of anonymity of a proxy by using it as the sole proxy in SocksChain to send yourself an e-mail (i.e. using Hotmail via the proxy to send you an email at your ISP.) In that case you simply put the proxy into the "Proxy"-field of your web browser- you don't need any other programs.
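
The header examination of such a test message can be scripted. This is an added example, not part of the original guide: it scans a received message's headers for your own address and for headers that announce a proxy. The sample message, its addresses (documentation ranges), the marker-header list and the verdict names "transparent" and "anonymous" are assumptions; only "elite" is the guide's term.

```python
import email
import re

# Headers that tell the receiving server a proxy relayed the request
# (assumed list of conventional names, not taken from the guide).
PROXY_MARKERS = {"via", "x-forwarded-for", "forwarded", "proxy-connection"}
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def inspect_headers(raw_message: str, own_ip: str) -> dict:
    """Report which headers disclose own_ip and which reveal a proxy hop."""
    msg = email.message_from_string(raw_message)
    leaks, markers = [], []
    for name, value in msg.items():
        unfolded = " ".join(str(value).split())  # join folded continuation lines
        if own_ip in IPV4.findall(unfolded):     # exact address match only
            leaks.append(name)
        if name.lower() in PROXY_MARKERS:
            markers.append(name)
    if leaks:
        verdict = "transparent"   # origin address is passed on
    elif markers:
        verdict = "anonymous"     # proxy is visible, origin is not
    else:
        verdict = "elite"         # neither proxy nor origin is visible
    return {"verdict": verdict, "leaks": leaks, "proxy_markers": markers}


# Constructed sample message; addresses come from the RFC 5737 documentation ranges.
OWN_IP = "192.0.2.44"
SAMPLE = """\
From: tester@example.org
To: me@example.net
Subject: proxy test
Received: from relay.example.com (relay.example.com [203.0.113.7])
\tby mx.example.net; Mon, 1 Jan 2001 00:00:00 +0000
X-Originating-IP: [192.0.2.44]
Via: 1.1 proxy.example.com

test body
"""

if __name__ == "__main__":
    print(inspect_headers(SAMPLE, OWN_IP))
```
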
When you receive that email carefully examine all the headers: is there anything "revealing" in there? If not, then that is an anonymous proxy. Although it might let the server know that it is a proxy, since it isn't passing-on your IP you don't really care.
Can you be traced-back even if you use proxies?
Not by anyone unless they are willing to spend an awful lot of money! Could, for example, the FBI do it? Yes, if they are willing to expend the resources.
Why "an awful lot of time and money"?
Consider what they would have to do: The final proxy's IP is visible to the news-server you post to; if it's an anonymous NSP then it will only appear in their posting logs (if they even keep any). The investigator has to subpoena those logs and locate the message IDs of the "offending" messages (not at all difficult if the NSP keeps logs that go as far back as the posts in question; most do, but not all). Then, using IPs from the logs, the investigator would have to locate the ISPs for those IPs (which ISPs might very well be in other countries), then ask them to check their logs in order to determine the identity and address of the owner of the computer at that IP at that time. That IP could be in China, Arabia, or anywhere at all. In the United States identity is not privacy-protected information, so no subpoena is required; however, in order to prevent abuse by over-zealous law-enforcement officers, a court-clerk may have to issue an order to the ISP. That is because it costs the ISP money to track down users from IPs and date/times, so making LEO jump through one or more hoops minimizes the frivolous inquiries and leaves a paper-trail.
Once the identity of the owner of that computer has been obtained, the investigator then has to either contact that person and request the logs (if they already knew the computer was only a proxy,) or contact the local law-enforcement authorities and ask them to seize the computer first, then query the owner about the posts. The local LEA has no stake in this, they get no convictions from it, there are no "wins" in any way for them. Therefore they aren't very well motivated, and will probably have to be "induced" to obtain the subpoena, or equivalent authorization.
The owner of that proxy, even if located and contacted, shouldn't know anything about the posts. But there may, or may-not, be logs. Since the owner of the proxy-box may not want LEA reading logs, the owner may-not be willing to voluntarily search them, or turn them over- hence the local LEA has to obtain a warrant to seize and search the computers at that location. They have to move swiftly and with no warning, as it only takes a few seconds to wipe any such "evidence", if the proxy owner has any reason or desire to protect his own privacy.
Even given this degree of co-operation by foreign Law Enforcement Agencies (which have to be reimbursed their costs) all that could be determined would be the IP of the computer that forwarded the information to that box. It could be just another proxy, and not the poster. Also, that next computer could be on yet-another continent!
Remember that the people trying to track you down have no way of knowing which IP in the chain is the origin of the post, or how many proxies you used. What that means is that they would have to try and obtain search-warrants in all these countries to seize and examine every computer they find, any one of which might not keep logs, breaking the chain of evidence completely at that point. Such license is unlikely to be granted where there is so little chance of success. So unlikely, in fact, that as of this writing it has never been done for posts to UseNet.
Multiply that by three (or more) proxies on as many continents and you see that even with a three-proxy chain, locating the originating poster is a nearly-impossible proposition. It is a task with a very high cost in both money and man-power, and which has a very low probability of success. Such an undertaking would not normally even be considered unless national security were involved. A warezed copy of a $49.99 program doesn't quite qualify. <BG>
This ends the latest, shortest, and lightest version of The Proxy-Posting Guide.
Happy (safe) Posting!