I'm trying to set up proxychains on my system in order to randomise my IP address. I want it to use the Tor network. I have installed proxychains and Tor via apt-get install and started Tor with service tor start. I have checked the ports Tor is running on with sudo netstat -tanp | grep tor.

tcp        0      0 127.0.0.1:9050          0.0.0.0:*               LISTEN      32529/tor           
tcp        0      0 127.0.0.1:9150          0.0.0.0:*               LISTEN      1483/tor            
tcp        0      0 127.0.0.1:9151          0.0.0.0:*               LISTEN      1483/tor         

The proxychains.conf file is currently set to use port 9150 for connections via proxychains.

# defaults set to "tor"
socks4  127.0.0.1 9150

I previously had the proxychains.conf 'loop-back' port set to 9050, which is the default.

With either of these port settings, I still see my public IP address when I run proxychains dig +short myip.opendns.com @resolver1.opendns.com.

ProxyChains-3.1 (http://proxychains.sf.net)
|DNS-request| resolver1.opendns.com 
|R-chain|-<>-127.0.0.1:9150-<><>-4.2.2.2:53-<><>-OK
|DNS-response| resolver1.opendns.com is 208.67.222.222
|DNS-request| ::1 
|R-chain|-<>-127.0.0.1:9150-<><>-4.2.2.2:53-<><>-OK
|DNS-response| ::1 is 198.105.254.11
<my public IP>

Exactly the same as the IP address output by dig +short myip.opendns.com @resolver1.opendns.com.

<my public IP>

It does seem to be connecting with Tor, though, as when I set the port to anything not listed in the sudo netstat -tanp | grep tor output, it simply fails to work.

ProxyChains-3.1 (http://proxychains.sf.net)
|DNS-request| resolver1.opendns.com 
|R-chain|-<>-127.0.0.1:9001-<--timeout

!!!need more proxies!!!
|DNS-response|: resolver1.opendns.com does not exist
dig: couldn't get address for 'resolver1.opendns.com': failure

What is likely to be happening here, and how can I get proxychains to correctly anonymise my console commands using the Tor network?

Currently the Tor browser is working fine using port 9150 and socks5. Changing socks4 127.0.0.1 9150 to socks5 127.0.0.1 9150 in proxychains.conf does not fix the problem.

  • I don't entirely understand what you mean by rawsockets. I will try running a wget. – Angular4 Kiddie Mar 14 '17 at 20:33
  • Just check wget to a page that shows your IP address – Rui F Ribeiro Mar 14 '17 at 20:34
  • wget http://ipecho.net/plain -O - -q ; echo does return a different IP address... – Angular4 Kiddie Mar 14 '17 at 20:36
  • You mentioned rawsockets in your previous comment. Would you be ok to explain what these are, or to point me to an authoritative resource explaining? If possible I would like to be able to run a variety of different commands without my IP address being publicly displayed. – Angular4 Kiddie Mar 14 '17 at 20:37
  • I was mistaken. dig works with a normal user, so it is not using raw sockets. Raw sockets is essentially bypassing the normal APIs and manufacturing packets... that is why nmap does not work over torify. I prefer torify btw – Rui F Ribeiro Mar 14 '17 at 20:41
  • http://unix.stackexchange.com/questions/327804/how-to-create-a-darknet-tor-web-site-in-linux – Rui F Ribeiro Mar 14 '17 at 20:42
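
One way to read the proxychains output quoted in the question, as an added example that is not part of the original post or comments: the script lists the destinations that appear at the end of a chain line and checks whether the address a host name resolved to is among them. The function names are hypothetical, and the sample logs are constructed from the output quoted in the question.

```shell
#!/bin/sh
# Added example (not from the original post): read ProxyChains-3.1 output and
# report which destinations were actually reached through the proxy chain.

# Constructed samples: the two proxychains outputs quoted in the question.
SAMPLE_OK='ProxyChains-3.1 (http://proxychains.sf.net)
|DNS-request| resolver1.opendns.com
|R-chain|-<>-127.0.0.1:9150-<><>-4.2.2.2:53-<><>-OK
|DNS-response| resolver1.opendns.com is 208.67.222.222
|DNS-request| ::1
|R-chain|-<>-127.0.0.1:9150-<><>-4.2.2.2:53-<><>-OK
|DNS-response| ::1 is 198.105.254.11'
SAMPLE_FAIL='ProxyChains-3.1 (http://proxychains.sf.net)
|DNS-request| resolver1.opendns.com
|R-chain|-<>-127.0.0.1:9001-<--timeout'

# Destinations (ip:port) of chain lines that ended in OK, de-duplicated.
chained_targets() {
    printf '%s\n' "$1" |
        sed -n 's/^|[A-Z]-chain|.*-<><>-\([^-]*\)-<><>-OK$/\1/p' | sort -u
}

# Proxies (ip:port) that a chain line reports as timed out.
dead_proxies() {
    printf '%s\n' "$1" |
        sed -n 's/^|[A-Z]-chain|.*-<>-\([^-]*\)-<--timeout$/\1/p' | sort -u
}

# Address the log says a host name ($2) resolved to; empty if none.
resolved_ip() {
    printf '%s\n' "$1" |
        sed -n "s/^|DNS-response| $2 is \(.*\)\$/\1/p" | head -n 1
}

# Succeeds only if the log shows a chain ending at the host's resolved address.
was_chained() {
    ip=$(resolved_ip "$1" "$2")
    [ -n "$ip" ] || return 1
    chained_targets "$1" | grep -q "^$ip:"
}

echo "chained destinations: $(chained_targets "$SAMPLE_OK")"
if was_chained "$SAMPLE_OK" resolver1.opendns.com; then
    echo "resolver1.opendns.com: a chain to its address is logged"
else
    echo "resolver1.opendns.com: no chain to its address is logged"
fi
echo "timed-out proxies: $(dead_proxies "$SAMPLE_FAIL")"
```

On the quoted output the only chained destination is 4.2.2.2:53, so the address that resolver1.opendns.com resolved to never appears as the end of a chain.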

0 Answers