Ethical hacking is considered to be the bright side of hacking because it is used to enhance security. But even if ethical hacking is legal, it is not completely safe for an ethical hacker, and as a result, anonymity is like a shield. In this blog, I will tell you why anonymity is important for an ethical hacker and how one can increase their level of anonymity.
These are the topics I will cover in this article:
- Why is Anonymity important for Ethical Hacking?
- Proxychains for Anonymity.
- Anonsurf for Anonymity.
- MacChanger for Anonymity.
You may also like: Reverse Proxy: What, When, How.
Why Is Anonymity Important for Ethical Hacking?
This is a common question I have been asked when I tell someone about being anonymous for ethical hacking. The answer to this is, “Because you are not alone.”
Let me explain this briefly. If you are an ethical hacker, then an organization has given you permission and due to this, you might think that you are not in trouble. But keep in mind that while you are trying to find a vulnerability, there might be some other hacker in the network. To protect yourself from that hacker, you need to be anonymous.
You never know who else is in the same network that you are in. If another hacker finds out that there is someone else in the network, then he might try to hack your system. This is why anonymity is important even for Ethical Hackers.
Now, that you know why anonymity is necessary, let’s see how you can be anonymous. I will discuss three ways to protect your identity, using Anonsurf, Proxychains, and MacChanger for ethical hacking.
Proxychains for Anonymity
Before understanding how to use Proxychains for ethical hacking, let me tell you what Proxies are. Do you know what happens when you request a server for some web page? The request is sent from your system to a server. The server processes the request and responds with the data that you requested. Then, this response is sent to your system.
Well, how do you think the server identifies your system? Through your IP address!
The IP address can be used to identify the hacker’s system and a proxy is a way to avoid this. A proxy redirects the requests from your system to the main server through the proxy server. Using this, the IP address of your system is hidden because the request made to the main server is through the proxy server.
When you use Proxychain for ethical hacking, instead of one proxy server, your request gets redirected through multiple proxy servers. This makes tracing back the IP difficult. Now that you know what Proxychains are, let’s see how to use Proxychain for ethical hacking.
To install Proxychain, open the terminal and run the following command:
$ sudo apt-get install proxychains
Next, you need to make some changes to the configuration file. Open the proxychains.conf file.
$ sudo nano /etc/proxychains.conf
In this file, by default, the line
dynamic_chain is commented and the line
strict_chain is not commented out. Remove the comment from
dynamic_chain and comment out
strict_chain.This is to make Proxychain work even if few proxy servers are not online.
To make Proxychain more effective, let’s add some more proxy servers. Scroll down to the end of the file and you will see a default proxy server. Add the following lines at the end of the file:
socks4 18.104.22.168 44034 socks4 22.214.171.124 32591 socks4 126.96.36.199 4145 socks4 188.8.131.52 4145 socks4 184.108.40.206 4145 socks4 220.127.116.11 4145
Proxy server list
I suggest you add more proxy servers. You’ll find the details of proxy servers with a simple “proxy server list” search on the internet.
Finally, save (Ctrl+O) and exit (Ctrl+X) the file.
Before using Proxychain, check if your IP address is traceable. To check this, open a browser and open the following URL: https://www.dnsleaktest.com. This website will display your IP address. Close the browser. Now, let’s try Proxychain.
The syntax to run proxychain is:
$ proxychains <application/command>
Let’s run Proxychain and see if it works. Open the terminal and run the following command:
$ proxychains firefox www.dnsleaktest.com
You can now see that the IP address has changed.
DNS leak test
Now, click on Standard Test. If the proxy servers you are using are online, then you will be shown different IP addresses that hide your actual IP address.
Proxychain is a great way to hide your IP address. But it is not enough. To add another layer of anonymity, you can use Anonsurf.
Anonsurf for Anonymity
Anonsurf is a tool that will help you stay anonymous by routing every packet through TOR relay. When you use Anonsurf for ethical hacking, all the traffic from your system goes through a TOR proxy server due to which your IP address is changed.
Now, let’s see how to install and use Anonsurf for ethical hacking on Ubuntu.
To download Anonsurf, run the below command in the terminal:
$ git clone https://github.com/Und3rf10w/kali-anonsurf.git
Next, you will have to install Anonsurf. To do this, run the following commands in the terminal:
$ cd kali-anonsurf/
Now that Anonsurf is installed, let’s see how it works. But before that, let’s check if your IP is traceable. To check this, open any internet browser and open the following URL: https://www.dnsleaktest.com.
This website will display your IP address. Now, close the browser and run Anonsurf.
To start Anonsurf, run the below command in the terminal:
$ anonsurf start
Now, open the browser again and go to https://www.dnsleaktest.com. You will see that your IP address is changed. This means that the traffic from your system is being routed through another server.
To know about other options of Anonsurf for ethical hacking, run the following command in the terminal:
Anonsurf help doc
Anonsurf and Proxychains help you hide your IP address. But it is hiding the IP address enough? Not at all! The next level of Anonymity can be achieved by changing the MAC address.
MacChanger for Anonymity
Every device has a unique MAC address assigned to it by the manufacturer. This MAC address is stored in the router’s table when you are connected to it. Because the MAC address is unique to every device, it can be used to identify the system/ device that was used by the hacker, which might result in revealing your identity.
To avoid getting identified by your MAC address, you can temporarily change it. This is where you can use MacChanger for ethical hacking. MacChanger is a tool that will change the MAC address of a device to a fake MAC address until the device is rebooted.
To install MacChanger, run the below command in your terminal:
$ sudo apt install macchanger
Now, let me tell you how you can change the MAC address of a network device.
To check which devices are available on your system, run the below command in your terminal:
Look at the MAC address of the interface ens33, I will be changing this to some random MAC address. To change the MAC address, I will run the following command in the terminal:
$ sudo macchanger -r ens33
Note: You might have different interfaces on your system, make the changes in the above command accordingly.
You can see that the MAC address has been changed. MacChanger is a simple, but important tool to hide a hacker’s identity. You have learned three ways to maintain your anonymity. There are many such tools hackers use to keep themselves anonymous. I suggest you research more on how else you can increase your anonymity.