ACCESSING NEWS ANONYMOUSLY VIA SOCKS PROXIES


 INTRODUCTION


         Firstly, I want to say that I think anonimity READING News groups 
seems me much less important that anonimity surfing the Web. Anyone that 
doesn't be thinking of POST to News  groups or be under very special 
circumstances that require additionals precautions, shouldnk if it really
 worth the trouble the job of find the needed resources and the usual 
penalty in    the download speed. 

         The method described in this document has been successfully 
proved with these programs:

              Outlook Express 4
              Netscape Messenger (Communicator 4.6)
              Free Agent 1.11/32
              Forte Agent 1.6/32.525
              SBNews 6.2
              Xnews 2.09.25
              NewsShark 1.0.393
              Binary Boy 1.1
              Autopost 1.01

              (Curiously, NewsBin 3.1, the only Newsreader I have found that
 theoretically supports  Socks, gave errors wether direct or socksified. If 
someone has success with this proggie, please contact.) 



                                          SOCKSCAP


         Socks proxies can manage a wide range of common protocols used in 
the Net, but this text is intended as a quick guide oriented to NNTP 
protocol, if you want to go deeply on Socks, you should start in the 
Sockscap home.

         Firstly, you'll need a working Socks proxy, to find it you should 
do a search in the proper sites for those that use the port 1080.

         Due most of the Newsreaders programs won't have support for Socks,
 we need a dedicated  program that launch ("socksify") this applications. 
The most accessible one is SocksCap, freely provided by NEC. Go to 
http://www.socks.nec.com/ , look for SocksCap and download wether
         SocksCap32 V. 2 Beta 3 for Windows 95/98/NT or SocksCap16 for 
Windows 3.1 (also versions for  Unix/Linux). Install the program and 
configure it following these guidelines: 



                                      SETTING SOCKSCAP


         1) Go on File/Settings. There are three tabs:

              SOCKS SETTINGS: On Server put the name or IP of the Socks 
proxy and the port 1080.  On Protocol, check SOCKS Version 4 -sufficient 
for News. The SOCKS User ID = Nobody   set by default seems fine, maybe
 better if you don't change it.

              DIRECT CONNECTIONS: On Direct Applications and Libraries 
Add WSASRV   LOG: The makers themselves don't recommend the intensive 
use of logging facility, and I personally noticed troubles with this indeed,
 so better if you don't enable Log until you need to check some concrete 
problem.


         2) Adding applications to be socksified:

              a) On File/New browse to find the program.
                  or
              b) Drop an executable file (.EXE) or shortcut onto SocksCap?s 
window. Select New
              application profile from the popup menu.

              Now you can see the Icon of the added application in the 
main window.




                                  TESTING THE SOCKS PROXIES


         Better than go straight to the NewsReader program, I find more 
easy to use a browser to test if the proxy is working.

    1) Add your browser to the Sockscap list following the method provided 
above.
   2) Run socksified double-clicking in its icon into the Sockscap window.

   3) Once inside the browser prove it's configured to use DIRECT CONNECTION, 
this meant to     uncheck any proxy options.

         4) Go to your usual anonymity testing page. If you get a pop up 
window giving error or don't
         have visible response in 10/15 seconds, probably the proxy won't
 permit free connection or it's
         too slow, so CLOSE the browser, put the next Socks proxy in your
 list on Sockscap's SOCKS
         Settings tab and repeat the process until find one working and
 hiding your real IP.





                                     ACCESSING NEWS


         Add your News Readers to the Sockscap list. Run socksified and do
 the usual operations. When  connected to News server open a MS-DOS window 
and type: netstat -a . If you can see the  name of your Newsreader followed 
of the IP/Name or your Socks proxy:1080 instead of theIP/Name of your News 
server:119 (or nntp) the connection is properly being made through
         Sockscap. (If you are running Atguard Firewall you wouldn't need 
to use DOS, just pick Network      Connections in the Dashboard).

         As final test, find a News server that allows posting and do a 
post in some group for testing, like   alt.test , alt.binaries.test or such.
 When the message be displayed, check his Headers/Properties
         and look if it shows your real IP or that of socks proxy. (If you
 are using a News server that  anonymize the messages posted, maybe you 
don't see none). 



                                        Peter Pan 



Written by Mike (Mike@nomail.de) 
                                                  
              Re: help:Automated d/load newsgroups via proxy Reply 1 

    Mike & Peter Pan wrote:
    > Hi folks,
    > 
    > does anyone have some tips for me how to use a news-robot to download
 via a proxy? What tool I can use for it?
    > I use BinaryBoy (www.binaryboy.com) (NO SPAM... Itīs a freeware
 version which displays ads  from time to time if you donīt use e.g. 
AtGuard) for my  newsgroups I can get from my ISP. But like
    you know some newsgroups are only available by some special free 
news-servers (abpep-t). BinBoy
    isnīt   > recieving headers through my anon-proxy, seems to be a bug in
 the current version. What tools do  you use for automated download of 
newsgroups??
    > BinBoy can fetch multiple parts and so on and is a good free tool for 

    > normal newsgroups, but Netscape canīt fetch multipart mails and donīt
 save them in separate
    folders decoded if they are MIME or UUEncoded...
    > Whatīs about Forte Agent? Could it do so?
    > 
    > Thanx guys and continue this good job
    > Mike
    > 
    > Written by Peter Pan  
    > The usual proxies don't cover NNTP protocol (News). You need a
 Socks proxy and launch the   News Reader from Sockscap32. Wether Binary 
Boy or Agent can be socksified. Info at the Pluto's
    site: h*tp://members.tripod.com/~news4newbies/np.htm
 
    Thanx Peter Pan, but allow a newbie in internet-security one more 
question:

    Iīve read the np-site, but BinBoy in itīs currend release will try 
to connect over a Socks5 proxy ( see  Setting/Proxy ). Will I still need 
    Sockscap32?? If I try to get newsgroup-headers with my current proxy,
    nothing happens. Could it be that my proxy doesnīt support Socks5?
    But will try some proxies that support it.

    Thanx very much
    Mike


Re: help:Automated d/load newsgroups via proxy Reply 1 

    Hi again Mike. Yep, you'll need Sockscap AND a special proxy called 
Socks, this is easily  recognizable because of always use port 1080. I 
tested Binary Boy and it works fine. Anyway I have    writen a guide on 
this subject that will be published soon at StillListener's. If you 
continue having   troubles, check his FAQ this week.









Yep Jayjay, this seems wrong, you should see in Atguard's 
Network Connections Proto= TCP ; Executable= the name of your Newsreader ;
 State= Connected/out Remote= Socks_proxy_name:1080 etc. I don't know which
 is your Newsreader, I  have used Outlook Express and worked fine, and I 
read that somebody was using  SBNews succesfully too.


 Forte tested successfully


I installed latest version 1.6/32.525 of Forte Agent and worked both with 
Socks4 and Socks5 through Sockscaps32 V. 2 Beta 3. So, I will repeat the 
procedure step by step, for you and anyone interested.

 1.- Setting Sockscaps32. Go on File/Settings/Direct Connections tab. On 
Direct Applications and Libraries Add WSASRV . SOCKS Settings tab: Put the
 name or IP of the Socks proxy and the port 1080. In Protocol, check SOCKS 
Version 4 (sufficient for News) > OK. Now, on File/New browse to find your 
browser program > OK. Now you can see the Icon of the browser in the main 
window.

 2.- Testing if the proxy will work for you and if it's anonymous (at least
 for HTTP). Open the browser just like usually (not trough Sockscaps yet). 
Go to Preferences or Options and configure to use direct connection, this 
meant to uncheck any proxy options. CLOSE the browser and double-click in the
 icon into the Sockscaps window. Go to your usual anonymity testing page, if 
you get a pop up window giving error or don't have visible response in 10/15
 seconds, probably the proxy won't permit free connection or it's too slow, 
so close browser, put the next Socks proxy in your list and repeat the 
process until find one working and hiding your real IP.

     3.- Opening Newsreader through SocksCaps. Just go again on File/New and
browse for the program. Run socksified, do the usual operations and check if
the connection is being really made through socks proxy, using the Network
Connections in Atguard's Dashboard or opening a DOS window and 
typing: netstat . If you could see the name/IP of the socks_proxy:1080 
instead the name/IP of the New_server_you're_using:119 all goes right. As 
last test, find a News server that allows posting and do a post in some 
group for testing, like alt.test , alt.binaries.test or such. When the 
message is displayed, check his Headers/Properties and look if it shows your
 real IP or that of socks proxy.

 That's all for News, other programs, maybe other details. And remember that
 every time you want to switch proxy must close the socksified program and 
that any program that allows proxy must be set to won't use it to may be 
socksified via Sockscaps32.
     Good luck.