How to run an Anonymous Perl Proxy from a Shell account- (Step-by-Step Tutorial for the Absolute Beginner)

 

About this narrative:

This is meant for those who have little knowledge of computers and internet, but want to a run a proxy that will bypass the internet censorship and provide anonymity to an extent. You are not required to have knowledge of Unix, Proxies or Perl, only some basic computer knowledge will do. Pfproxy is a proxy written in perl language by Randal R. Schwartz, and is modified by Wayne to add anonymizing features. It can be run on a shell account on a port of your choice. This could be useful for those who wish to avoid internet censorship in countries like Saudi Arabia, United Arab Emirates etc. I myself am a not an expert on this, and this is basically explain what I did to get the proxy running.

My thanks to Wayne for teaching me the stuff, Joe for the advise and for providing free Shell account to try out the proxy and Unix, Hat for the contributions and all others from the proxy-users Email list for making me understand things better.

This narrative aims the Windows users.

 

Contents:

Introduction to Proxies

Requirements:

Introduction to Shell Account

Step 1- Opening a shell account with Panix

Step 2- Installing SecureCRT and using it.

Step 3- Using a Shell Account:

Step 4- Downloading and running the pfproxy Perl proxy.

Step 5- Tweaking the Perl code to suit your Shell provider.

Step 6- Changing File Attirbute of pfproxy file.

Step 7- Running pfproxy Proxy

Step 8- Configuring browser to use the pfproxy

Step 9- Turning off or modifying anonymising features:

Step 10- Running the Proxy in the background.

General Causes for Failure

Help

Links

 

Introduction to Proxies

If you are totally new to proxies, I will briefly explain what it is. A proxy allow you to route all the browse requests through it on a particular port number. It could provide caching to speed up browsing or filters to control your web activity. It is possible that your ISP itself provides you a proxy to manage your browse requests. This could be censoring proxy, which could block your access to sites that has porn material etc. One way of bypassing the censoring ISP proxy is to find a public proxy that is not censoring. However this can be prevented by your ISP by blocking the public proxy or port number of the public proxy.

A port is a number between 1 to 65535 which is assigned to specific networking task that is happening on internet. All internet tasks need a port number. Proxies are assigned a fixed port number like 80, 8000, 8080 etc. so that applications like your browser will know on which port that particular proxy can be accessed. ISP’s normally block access to port numbers on which maximum number of public proxies are available. Then you will be left with the option of finding a working proxy that operate on an uncommon port number (say 62415) or on a port that is not blocked by your ISP. Those in the middle east can check Wayne’s site to see which port number is blocked in what country.

The advantage of using pfproxy is that you have a proxy all to yourself and it can be made to work on a port number of your choice. Which mean no matter what port or proxy is blocked by your ISP, you still can make it work on a unblocked port number because no ISP cannot block all the port numbers. The disadvantage is that you may not get the benefit of caching process that speed up browsing, like that a public proxy offer.

Requirements:

 MS Windows Operating System

 

Introduction to Shell Account

To put it roughly a shell account means the permission to use a Unix (in this case it is Unix) computer, by means of an internet connection. Once you have created an account, you will be provided with a username and password which will authorise your connection to the remote Unix machine. Depending on the shell provider you will have some storage space (say 10 mb), an Email address, web site etc.. on your shell. Shell providers vary in giving permission to do what you can do on your shell account. Hence this narrative use the Shell account with Panix (www.panix.com) as the example. Panix, among others, allow you to run pfproxy on your shell account.

Various steps involved in running pfproxy are described now step-by-step

 

Step 1- Opening a shell account with Panix

I have not used a Panix account, hence the details of opening one are taken from Wayne’s site where he describe various account providers..

Panix is in New York - a good choice at $10 per month.

Use your web browser to go there, read around to find out about them. Then go to the signup page and from there to the Single User Registration Page. Fill the online registration form. Opt for a Full Shell 'no-dial' shell account. Choose a Bash shell as your preferred UNIX shell. Paying by credit card is ok (of course, if you have one from outside your residence country, use that). You may have to ring Panix to get it set up if you want it done quickly. A quick call at off-peak times (they're at GMT-5).

Panix problems/solutions

  1. Panix shells have an autologout if you don't send them any data for 15 minutes. If this bothers you, you can remove this by creating a file in you home directory (where you end up at login) called '.profile' (without the quotes). Copy the following into your clipboard and paste into your telnet/secureCRT/netcat (or just type it into your Panix shell):
echo 'TMOUT=0; export TMOUT' >>.profile

Once you have created the Shell Account, move to the next step. There could be a delays to get your account set up and receive the password and user name.

Step 2- Installing SecureCRT and using it.

Download the SecureCRT file from here. Double click the download file to initiate the installation. Once installed start SecureCRT. Get connected to internet the way you normally do. Now you will attempt to connect to the shell provider (assuming you have established the account and have received your user name and password).

From SecureCRT File menu select ‘Quick Connect’

Choose the Protocol as ‘SSH1

Give other details as shown in the picture

The Host Name for Panix will look like ‘panix6.panix.com’. If your account has different one, give that.

Click ‘Connect’

You will be prompted for accepting a registration key, select ‘Accept Once’ or ‘Accept & Save’

You will be prompted for the shell password you received from the Shell provider, provide it.

Once connected you will have a prompt like this (In Panix):

bash-2.04$

or like this with some other shell providers:

[username@servername]$

Bingo! you have successfully logged into a shell account:

 

Step 3- Using a Shell Account:

Windows users who have never used a Unix shell fear not. Imagine it as Dos Prompt (Unix fans please excuse me). Think that only the commands are different (that is a oversimplification). Be warned, normally you cannot USE THE MOUSE on a shell account. To move around I reproduce what I have unashamedly stolen from Hat’s excellent introduction to basic Unix commands from his Stone Tutorial. Plagiarism start here J

The following should work on real shell accounts (and on most free shells also, provided you have permission for some functions).

A basic knowledge of DOS will help with the Unix commands we need to use; I will assume that you have this when we get to the Unix stuff below, so watch carefully.

DOS commands and their equivalent in Unix:

Dos Commands Action Unix Equivalent
     
cd\ Change Directory cd ~
cd.. One sub-directory back cd..
dir/w List Directories ls
Dir List Files ls -l
dir/ah (hidden) List File, including hidden files ls -al
Ren Rename Files mv
Attrib Change File Attributes chmod
Md Make New Directory mkdir
Rd Remove Directory rmdir
Del Delete File rm
Copy Copy File cp
Pkunzip Unzip Compressed Zip/tar File tar

Note: Unix is case sensitive, so if I use lower case here, you must also; if I use a space you must also. This is true for even file names. DOS will let you get away with a lot of things but Unix will not!

End of plagiarismJ

Feel around till you develop some comfort in using the Unix shell. Try different commands and try creating, copying and deleting files etc. You may do a search for 'Baisc Unix Tutorial' on a search engine like Google to learn more on Unix and Shell.

 

Step 4- Downloading and running the pfproxy perl proxy.

We will run the pfproxy from a separate directory called pfproxy, which will create now.

bash-2.04$ mkdir pfproxy

The directory pfproxy will be created. Now go to this directory

bash-2.04$ cd pfproxy

Now download the pfproxy code from Wayne’s site. You may download it using your windows browser to your PC and then upload it to the shell account using SecureCRT. It is still better get the file direct from Shell. To do that type following command at the Shell:

bash-2.04 pfproxy]$ lynx –source https://www.angelfire.com/wy/1waynes/pfProxy.pl >pfproxy

Lynx is a Unix browser. The above command tell Lynx to download and the save the file on your current shell directory with the file name ‘pfproxy’. Note the difference between the file name at Wayne’s site (pfProxy) and the name with you are saving the file (pfproxy). You are saving the file with the name in all small caps. I have done it to avoid confusion. Unix is very much case sensitive and it easy to forget to use the uppercase ‘P’ while typing the file name. So better use only small caps, though it is not necessary.

The file will be downloaded to the current folder. List the files in the directory using ls command to verify that file is copied.

bash-2.04 pfproxy]$ ls -la

you will have the file listed somewhat like this:

bash-2.04 pfproxy]$

-rw-r--r-- 1 username ******* 6848 Aug 31 03:52 pfproxy

 

Step 5- Tweaking the Perl code to suit your Shell provider.

Pfproxy is a Proxy written in Perl programming language. To run it Perl must be installed on the Shell provider’s computer. Most Shell providers have Perl, including Panix. However you need to point the Proxy to the exact location of the Perl in your shell provider’s computer. To find out the location of Perl give the following command and press ‘Enter’ at the shell:

bash-2.04 pfproxy]$ which perl

/usr/local/bin/perl

The text in green is the location of the Perl. The very first line of the pfProxy.pl file has the location of the proxy. The pfProxy file that you downloaded may have the location of the Perl mentioned as follows:

#!/usr/local/bin/perl -Tw

That assume Perl is in /usr/local/bin/perl directory. Compare this with the location you got by giving ‘which perl’ command. For Panix this is /usr/local/bin/perl. If it is the same, good. Otherwise you need to modify the pfProxy.pl file to correct the location. To do that we use a text editor found in Unix shells called ‘Pico’ Type pico pfproxy and ‘Enter’

bash-2.04 pfproxy]$ pico pfproxy

This will start the Pico application with pfproxy file opened. . Pico takes only keyboard input, so be prepared to miss that dear mouse. The bottom of the screen has the commands available to you with Pico.

Scroll up to the very beginning of the file and modify the first line to the location of the Perl on your shell (after #! type the location of perl without any space in between). The picture shows pfproxy file opened in Pico. The first line is the perl location.

 

That done press ^X to come out. You will prompted to ‘Save modified Buffer’ Type ‘Y’ for yes.

You will be again prompted for "File Name to Write’ give it as ‘pfproxy’ (If you give some other name it will be saved with that name without overwriting the original file).

You will be prompted ‘File pfproxy exists, OVERWRITE? Enter ‘Y’ and you are done.

 

Step 6- Changing File Attirbute of pfproxy file.

You need to make pfproxy file an executable file before running. To do that type following at the shell (you must be in the directory where pfproxy file exist)

bash-2.04 pfproxy]$ chmod 755 pfproxy

This will convert the file to an executable. Check this by listing the files again.

bash-2.04 pfproxy]$ ls -la

-rwxr-xr-x 1 username ******* 6848 Aug 31 03:52 pfproxy*

You are finished and can start running the pfproxy proxy.

 

Step 7- Running pfproxy Perl Proxy

You have 2 options on running pfproxy, either on random port that the proxy assign you or on a port the you choose. Running pfproxy on random port is described below:

Step 7a – Random Port method

Give the following command from the directory where the pfproxy file exists.

bash-2.04 pfproxy]$ ./pfproxy

[Thu Aug 31 04:58:27 2000] [18032] running version 1.21 at ./pfproxy line 39.

[Thu Aug 31 04:58:27 2000] [18032] master is http://0.0.0.0:7610/ at ./pfproxy line 51.

The proxy starts and you will see many lines of text on the SecureCRT screen, as shown in the green text. Note the second line. The number 7610 is the port number on which the proxy will run. You need to remember this number as you have to configure your browser proxy setting with this. This is a random number that the proxy has generated. All that is needed now is to configure your browser to use this proxy.

Before describing that I will describe how to run the proxy on a port number of your choice.

Step 7b – Fixed Port method

To do this you need to modify the pfproxy file again using Pico. Open the as described before and go to the section where you will find the following line (it is the 32nd line from top):

my $PORT = 0; # pick next available user-port

The proxy is written to use random port by default. However you change that by changing the number 0 to one that you need to use. Change it to say 15460. The line will look like this

my $PORT = 15460; # pick next available user-port

Note: Theoretically it is possible to use any number between 1-65535, but you will find that many of these numbers are in use at the shell provider’s machine. It is thus safe to chose a number between 12000-65535. If the number you had selected is in use you may get error messages when starting the proxy. Make sure that the port that is selected is not blocked by your ISP.

Save the file as mentioned before and exit. When you run the pfproxy again you will find that proxy runs on port 15460 as shown below:

bash-2.04 pfproxy]$ ./pfproxy

[Thu Aug 31 04:58:27 2000] [18032] running version 1.21 at ./pfproxy line 39.

[Thu Aug 31 04:58:27 2000] [18032] master is http://0.0.0.0:15460/ at ./pfproxy line 51.

Now you can configure your browser to use the proxy on port number 15460.

 

Step 8 -Configuring browser to use the pfproxy

Go to the proxy setup of your browser.

HTTP give panix6.panix.com (or the name of the shell provider you have chosen)

Port give either the random number generated by the proxy (7610 in Step 7a) or the predefine port

number (15460 from Step 7b).

Click ok to come out and start browsing. Make sure that you are connected to the shell provider and that pfproxy is running on the shell account, otherwise you cannot browse. Once you are finished you can close the pfproxy by typing ^C (Ctrl+C) at the shell. You close the shell connection by tying logout at the shell prompt.

 

Step 9 -Turning off or modifying anonymising (anon) features:

The pfproxy by default provides many anonymising features that let you keep information about you private from visiting web sites. This is a useful feature to have as it enhances your privacy. However some sites need to set cookies for it work correctly with your browser. The anon feature of the proxy do not allow cookies. If you need to browse the sites that accept cookies, you may turn off the anon feature. To do that you need to edit the pfproxy file as you did before by using Pico. Once you open the file in Pico, go to the line given below:

my $ANON = 1; # remove cookie sends and saves, IP addresses, and generally make us anon

You need to change it to number 0 if you want to turn off anonymous feature. Once changed it will look like this.

my $ANON = 0; # remove cookie sends and saves, IP addresses, and generally make us anon

Save the file and exit as mentioned before. Then you can run it as mentioned in Step 7.

There other anon features that have been provided with pfproxy, but have been disabled. If you are an advanced user you may enable them to provide more anon features. (by removing # from the beginning of the lines). This may affect the stability of the program under certain shell accounts.

 

Running the proxy in background

You can run pfproxy in the background. To do that give following command. ./pfproxy & (That is a 'space' followed by & sign)

bash-2.04 pfproxy]$ ./pfproxy &
[1] 8925
bash-2.04 pfproxy]$ [Sat Aug 31 13:05:44 2000] [8925] running version 1.21 at ./pfproxy line 39.

Note down the number 8925. That is is the process ID (PID) number assigned to the programs. It is unique on the given machine for any given process. Whenever you run a program in the background and wish to terminate the it you need to give the 'kill' command followed by the PID number. Pressing ^C will not terminate pfproxy when it is running in background. So when you are finished terminate the program as under:

bash-2.04 pfproxy]$ kill 8925

Note: Unless killed, pfroxy will keep running on the Shell, even after you log out. Your Shell provider perhaps may not be so happy about it as it takes up resources unnecessariliy. So make it a practice to kill pfproxy (when run in the background) before you logout.

 

General Causes for Failure

1. Realise commands, file names, usernames, passwords etc are case sensitive. Always make sure commands are given in the right case.

2. Your connection to shell account must remain live and the pfproxy must be running while browsing.

3. Perl need to have certain modules (kind of program components) installed on the Shell provider's computer. A missing Perl module that is required by pfproxy may cause it not to work. The solution then might be to request Shell provider install the missing module. You may need give the error message that you get.

3. Choose a port number that is not at use in Shell provider's computer (if it is you will get an error message) and is not blocked by your ISP.

4. Shell accounts vary considerably from each other. What is shown working here may behave diferently with certain Shell accounts. You will need to find out what works with your Shell provider.

 

Help

Need help? I should be the last one to ask :-). However comments or criticisms are welcome. You might try to get help from these sources:

Ask Wayne by Email on wayne@nym.alias.net

Post queries to www.egroups.com/group/proxy-elites

 

Other Links for the newbies who want try different shell based bypass methods:

Hat’s tutorial on running Stone, a nice proxy and redirector, on shell accounts at this site

My own tutorial on running ssh –R method to bypass censoring on shell account. It is a bit raw.

MySpear's CGI proxy instructions

 

That's all. Have a nice time enjoying the free world.

 

Aseef 

30th August 2000