ACCESSING NEWS ANONYMOUSLY VIA SOCKS PROXIES INTRODUCTION Firstly, I want to say that I think anonimity READING News groups seems me much less important that anonimity surfing the Web. Anyone that doesn't be thinking of POST to News groups or be under very special circumstances that require additionals precautions, shouldnk if it really worth the trouble the job of find the needed resources and the usual penalty in the download speed. The method described in this document has been successfully proved with these programs: Outlook Express 4 Netscape Messenger (Communicator 4.6) Free Agent 1.11/32 Forte Agent 1.6/32.525 SBNews 6.2 Xnews 2.09.25 NewsShark 1.0.393 Binary Boy 1.1 Autopost 1.01 (Curiously, NewsBin 3.1, the only Newsreader I have found that theoretically supports Socks, gave errors wether direct or socksified. If someone has success with this proggie, please contact.) SOCKSCAP Socks proxies can manage a wide range of common protocols used in the Net, but this text is intended as a quick guide oriented to NNTP protocol, if you want to go deeply on Socks, you should start in the Sockscap home. Firstly, you'll need a working Socks proxy, to find it you should do a search in the proper sites for those that use the port 1080. Due most of the Newsreaders programs won't have support for Socks, we need a dedicated program that launch ("socksify") this applications. The most accessible one is SocksCap, freely provided by NEC. Go to http://www.socks.nec.com/ , look for SocksCap and download wether SocksCap32 V. 2 Beta 3 for Windows 95/98/NT or SocksCap16 for Windows 3.1 (also versions for Unix/Linux). Install the program and configure it following these guidelines: SETTING SOCKSCAP 1) Go on File/Settings. There are three tabs: SOCKS SETTINGS: On Server put the name or IP of the Socks proxy and the port 1080. On Protocol, check SOCKS Version 4 -sufficient for News. The SOCKS User ID = Nobody set by default seems fine, maybe better if you don't change it. DIRECT CONNECTIONS: On Direct Applications and Libraries Add WSASRV LOG: The makers themselves don't recommend the intensive use of logging facility, and I personally noticed troubles with this indeed, so better if you don't enable Log until you need to check some concrete problem. 2) Adding applications to be socksified: a) On File/New browse to find the program. or b) Drop an executable file (.EXE) or shortcut onto SocksCap?s window. Select New application profile from the popup menu. Now you can see the Icon of the added application in the main window. TESTING THE SOCKS PROXIES Better than go straight to the NewsReader program, I find more easy to use a browser to test if the proxy is working. 1) Add your browser to the Sockscap list following the method provided above. 2) Run socksified double-clicking in its icon into the Sockscap window. 3) Once inside the browser prove it's configured to use DIRECT CONNECTION, this meant to uncheck any proxy options. 4) Go to your usual anonymity testing page. If you get a pop up window giving error or don't have visible response in 10/15 seconds, probably the proxy won't permit free connection or it's too slow, so CLOSE the browser, put the next Socks proxy in your list on Sockscap's SOCKS Settings tab and repeat the process until find one working and hiding your real IP. ACCESSING NEWS Add your News Readers to the Sockscap list. Run socksified and do the usual operations. When connected to News server open a MS-DOS window and type: netstat -a . If you can see the name of your Newsreader followed of the IP/Name or your Socks proxy:1080 instead of theIP/Name of your News server:119 (or nntp) the connection is properly being made through Sockscap. (If you are running Atguard Firewall you wouldn't need to use DOS, just pick Network Connections in the Dashboard). As final test, find a News server that allows posting and do a post in some group for testing, like alt.test , alt.binaries.test or such. When the message be displayed, check his Headers/Properties and look if it shows your real IP or that of socks proxy. (If you are using a News server that anonymize the messages posted, maybe you don't see none). Peter Pan Written by Mike (Mike@nomail.de) Re: help:Automated d/load newsgroups via proxy Reply 1 Mike & Peter Pan wrote: > Hi folks, > > does anyone have some tips for me how to use a news-robot to download via a proxy? What tool I can use for it? > I use BinaryBoy (www.binaryboy.com) (NO SPAM... Itīs a freeware version which displays ads from time to time if you donīt use e.g. AtGuard) for my newsgroups I can get from my ISP. But like you know some newsgroups are only available by some special free news-servers (abpep-t). BinBoy isnīt > recieving headers through my anon-proxy, seems to be a bug in the current version. What tools do you use for automated download of newsgroups?? > BinBoy can fetch multiple parts and so on and is a good free tool for > normal newsgroups, but Netscape canīt fetch multipart mails and donīt save them in separate folders decoded if they are MIME or UUEncoded... > Whatīs about Forte Agent? Could it do so? > > Thanx guys and continue this good job > Mike > > Written by Peter Pan > The usual proxies don't cover NNTP protocol (News). You need a Socks proxy and launch the News Reader from Sockscap32. Wether Binary Boy or Agent can be socksified. Info at the Pluto's site: h*tp://members.tripod.com/~news4newbies/np.htm Thanx Peter Pan, but allow a newbie in internet-security one more question: Iīve read the np-site, but BinBoy in itīs currend release will try to connect over a Socks5 proxy ( see Setting/Proxy ). Will I still need Sockscap32?? If I try to get newsgroup-headers with my current proxy, nothing happens. Could it be that my proxy doesnīt support Socks5? But will try some proxies that support it. Thanx very much Mike Re: help:Automated d/load newsgroups via proxy Reply 1 Hi again Mike. Yep, you'll need Sockscap AND a special proxy called Socks, this is easily recognizable because of always use port 1080. I tested Binary Boy and it works fine. Anyway I have writen a guide on this subject that will be published soon at StillListener's. If you continue having troubles, check his FAQ this week. Yep Jayjay, this seems wrong, you should see in Atguard's Network Connections Proto= TCP ; Executable= the name of your Newsreader ; State= Connected/out Remote= Socks_proxy_name:1080 etc. I don't know which is your Newsreader, I have used Outlook Express and worked fine, and I read that somebody was using SBNews succesfully too. Forte tested successfully I installed latest version 1.6/32.525 of Forte Agent and worked both with Socks4 and Socks5 through Sockscaps32 V. 2 Beta 3. So, I will repeat the procedure step by step, for you and anyone interested. 1.- Setting Sockscaps32. Go on File/Settings/Direct Connections tab. On Direct Applications and Libraries Add WSASRV . SOCKS Settings tab: Put the name or IP of the Socks proxy and the port 1080. In Protocol, check SOCKS Version 4 (sufficient for News) > OK. Now, on File/New browse to find your browser program > OK. Now you can see the Icon of the browser in the main window. 2.- Testing if the proxy will work for you and if it's anonymous (at least for HTTP). Open the browser just like usually (not trough Sockscaps yet). Go to Preferences or Options and configure to use direct connection, this meant to uncheck any proxy options. CLOSE the browser and double-click in the icon into the Sockscaps window. Go to your usual anonymity testing page, if you get a pop up window giving error or don't have visible response in 10/15 seconds, probably the proxy won't permit free connection or it's too slow, so close browser, put the next Socks proxy in your list and repeat the process until find one working and hiding your real IP. 3.- Opening Newsreader through SocksCaps. Just go again on File/New and browse for the program. Run socksified, do the usual operations and check if the connection is being really made through socks proxy, using the Network Connections in Atguard's Dashboard or opening a DOS window and typing: netstat . If you could see the name/IP of the socks_proxy:1080 instead the name/IP of the New_server_you're_using:119 all goes right. As last test, find a News server that allows posting and do a post in some group for testing, like alt.test , alt.binaries.test or such. When the message is displayed, check his Headers/Properties and look if it shows your real IP or that of socks proxy. That's all for News, other programs, maybe other details. And remember that every time you want to switch proxy must close the socksified program and that any program that allows proxy must be set to won't use it to may be socksified via Sockscaps32. Good luck.