I began this project with the intention of using a Linode VPS as a proxy, which has a separate public IP from my home address (obviously). However, since this didn't originally function properly due to a lack of foresight regarding iptables rules on the VPS and the firewall configuration on the Windows host using the proxy, I switched to having a virtual machine, Kali, run the Squid proxy. We'll begin with the initial configuration on my VPS, with the steps taken from Linode's instruction page (https://www.linode.com/docs/networking/squid/squid-http-proxy-ubuntu-12-04):
After the installation, we begin with a quick backup of the original config file:

Squid has a large config file, so we skip to the end and add two rules: one adding a client with a local IP address, and one enabling HTTP access. We then restart Squid for the changes to take effect:
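Squid checks `http_access` lines top to bottom and stops at the first match, so where the two new lines sit relative to an existing `http_access deny all` decides whether the client is served. The sketch below is an added example, not part of the original post or of Linode's guide: it evaluates that ordering for `src` ACLs only, using constructed config text and an assumed client address of 192.168.178.34.

```python
import ipaddress

# Constructed sample: default-style rules with the two new lines appended last.
APPENDED_AT_END = """\
acl localhost src 127.0.0.1/32
http_access allow localhost
http_access deny all
acl client src 192.168.178.34
http_access allow client
"""

# Constructed sample: the same rules with the allow placed before the deny.
ALLOW_BEFORE_DENY = """\
acl localhost src 127.0.0.1/32
acl client src 192.168.178.34
http_access allow localhost
http_access allow client
http_access deny all
"""

def parse(conf):
    """Collect 'acl NAME src ...' networks and http_access rules in file order.
    Other ACL types are ignored here, so rules that use them never match."""
    acls, rules = {}, []
    for raw in conf.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) >= 4 and parts[0] == "acl" and parts[2] == "src":
            nets = [ipaddress.ip_network(p, strict=False) for p in parts[3:]]
            acls.setdefault(parts[1], []).extend(nets)
        elif len(parts) >= 3 and parts[0] == "http_access":
            rules.append((parts[1], parts[2:]))
    return acls, rules

def acl_matches(name, ip, acls):
    """True if ip satisfies one ACL name; '!' negates, 'all' is built in."""
    negate, name = name.startswith("!"), name.lstrip("!")
    hit = name == "all" or any(ip in net for net in acls.get(name, []))
    return hit != negate

def decide(conf, client_ip):
    """Return 'allow' or 'deny' for client_ip using first-match-wins ordering."""
    acls, rules = parse(conf)
    ip = ipaddress.ip_address(client_ip)
    for action, names in rules:
        # Every ACL on the line must match (AND); the first such line decides.
        if all(acl_matches(n, ip, acls) for n in names):
            return action
    # No line matched: Squid applies the opposite of the last rule's action.
    return "deny" if not rules or rules[-1][0] == "allow" else "allow"
```

Calling `decide(APPENDED_AT_END, "192.168.178.34")` returns `deny`, while the reordered text returns `allow` for the same client and still denies other addresses.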

In order to anonymize the IP of the host using the proxy, additional rules can be added to the configuration file, below the two we entered previously. These are listed on Linode's site:

Under the 'advanced' tab of the Pale Moon browser's options, the browser is set up to use the proxy just established. However, as mentioned before, we run into trouble and it fails to work:

During a later try, I instead routed traffic through a Kali VM on my local network, which was set up with Squid (IP address = 192.168.178.60). My Windows machine had two new rules added to its firewall configuration, and the Kali VM had its iptables edited to allow outbound connections. The packet capture shows the VPN in use (traffic moving from .34 to .60 and outbound). First, the firewall rules for our Windows host using the proxy:

Now, we allow outbound connections on our virtual machine running Squid:

As before, the Pale Moon browser was configured to use the new proxy. Interestingly, a look at activity on the network interfaces using Wireshark on the Windows host showed zero activity while I was actively browsing websites:

In order to view the traffic information, I had to run Wireshark on the virtual machine running the Squid proxy. In spite of some sites being met with a 403, I could access a number of other websites, with the corresponding traffic showing up in the pcap file:
