I hope you enjoy the new video! Please Like and Subscribe by clicking here: studio.ru-vid.com/show-UC39GKRsNps38x7UzydcOZ9w Follow me on Twitter: twitter.com/NielsenNTWKING Chapters: 00:00 Introduction 01:13 Without a Proxy Explained 03:23 Proxy Servers Explained 04:49 Proxychains Explained 06:23 Tor Explained 08:12 Single Proxy Configuration 14:14 Multi Proxychains Configuration with Nmap scanning demo 18:20 Tor Configuration
I am still here, just super slammed with my real job! :P I plan to create/upload more often now that things have finally slowed down a bit., for now...
For some reason it's not working. Maybe Im unlucky with proxies, or bad configuration, but I did everything thats in video. Noticed one thing, that when I run command, I get this output "[proxychains] DLL init" instead of as in video "[proxychains] DLL init: proxychains-ng 4.16". When I run wget, it works.
Hey there! Here are some awesome titles that I think would be perfect for this amazing video. It really deserves a catchy and engaging title! "Discover the World of Anonymity: Exploring the Power of Proxychains and Tor for Secure Penetration Testing 🔒" "Stay Off the Grid: How Proxychains and Tor Can Protect Your Privacy and Security Online 🛡" "Unleash Your Anonymity: Using Proxychains and Tor for Advanced Penetration Testing 🌐" "Mastering Online Privacy: Diving Deep Into Proxychains and Tor for Effective Penetration Testing 🕵♂" "Unlock the Power of Anonymity: Embracing Proxychains and Tor for Enhanced Penetration Testing 🗝"
whonix is far superior to proxy chains as far as privacy goes. But thats really comparing apples to oranges. Whonix is an entire operating system ran via virtual machine. Your entire connection is routed through tor. Why i say its far superior is bc that reason and the fact that it is specifically designed to leave less of a footprint or fingerprint, if you will. What I mean is that you can be identified by all sorts of things that your computer or browser leaves behind besides just your IP. DNS leaks for example or your user agent and other configurations can be used to identify you. There are other advantages of using Virtual machines and whonix as well. Like sandboxing or isolating your computer. Say you are messing around and you end up with malware for some reason, that malware is isolated to your virtual machine and you can just destroy it and create a new one. Simple as that
@@jeffinaughe3448 Really depends on your use case, what you are doing, what you are trying to accomplish, what your threat level is, who your adversary is, and that kind of stuff. Which is better would be subjective to some degree and is dependent on many factors and also preference. Say my anonymity isn't a matter of life or death, maybe I've just done some snooping out of scope or I'm working on a project and I need access to company resources or data on the computer I'm on. It may make more sense to bring up something like anonsurf. On the other hand, say my anonymity is what stands between me and the fbi kicking in my door, I'd be more inclined to go for a more robust solution like whonix. Whonix would be considered several degrees safer, or better equip to protect your identity than anonsurf in these types of scenarios. The reason for that is anonsurf is ran on your host machine, where as whonix would be run in an virtual machine. That virtual machine (actually 2 in the case of whonix!) provides another layer of protection. As in the concept and practice of sandboxing or containerizing your environment, you are isolating yourself from where your threat is. Don't assume that you can't be identified in any circumstance. Even with whonix, which isn't the most secure solution, in my opinion, there will be some some chance that you are identified. Misconfiguration, for example, would be a real threat for someone that is new to the topic or doesn't know the software and technology thoroughly. THIS IS AN ABSOLUTE MUST FOR YOU TO UNDERSTAND and I cannot emphasize this enough... Remaining anonymous or hidden online takes more than just the right tools and software., you'll have to learn best practices and adjust your habits and behaviors extensively most likely. There is no full proof way or 100% guarantee that you wont be identified, especially if your threat level is something on the magnitude of nation-state threat actors like the suits, the men in black, the alphabet boys, or what have you. You would have to find a way to seperate yourself from your identity. To illustrate hypothetically, leave your house without your cell phone, smart watch, credit cards, anything of that sort. Acquire you a system, device, laptop, what ever your gonna be working with with cash money in a way that can't be traced to you (like a store or private seller with no cameras. maybe a crack head in a back alley, you get the point). Then go to a location that you can get online that isn't and cant be linked to you in anyway (No cameras, no logbooks, no employee, clerk, librarian, guard, or anyone that would identify you being at that location at that time.) Pro tip: A yagi antenna, a cantenna, or a parabolic antenna may allow you to work from home or nearby at least. It can be utilized to crack your neighbors wifi or someone a block or two away and connect through their internet. Worst case, you'll at least have a bit of a heads up so you can flush or destroy your narcotics or evidence while your neighbor is being raided by the feds 😆 But that scenario aside, you must never have your phone in the same location as your device you don't want to be identified or linked to you. If your phone happens to be in the same location as the device that has been linked to said crimes, they have just linked you to the device. You may as well assume that a nation-state actor has unlimited access to your cell phone. Location, cameras, microphones, gyro, and what ever else sensors that thing has. I wouldn't be surprised if they could tell your heart rate and stress level, your pulse, if your asleep, if your nervous or anxious, if your leg is bouncing as some people do when theyre anxious. What my point is it wouldn't be hard for them to find out who has been in the same location as said device. Most phone carriers are quick to cooperate with LE whether it's a legal request or not. They then pull up who was in 'X' location as 'Y' time for several known instances. I feel like this should be called a "correlation attack" but that is actually another issue that has been problematic for Tor. Well this was most certainly more than you had inquired about, but hope this shed a little light on the whole subject and you can see its not really just a matter of yes or no, better or worse, black or white, good or bad
I will be putting out a video on Whonix in the near future, going over the install process, use case, and directly compare it to Proxychains. So be on the lookout. :)
