Introduction

We showed how to run Nmap scans with Proxychains and Tor in order to achieve complete privacy and anonymity. We also analyzed the traffic with Wireshark on Security Onion and demonstrated how to evade firewalls and intrusion detection systems with the right Nmap switches.

During an Nmap scan, your IP address and other information are logged by the firewall or any other network device in the network you are scanning. This presents a concern for those who seek privacy. In the video, we explain how to stay anonymous during Nmap scanning using Proxychains and the Tor network.


IP Exposure and Anonymity

The instructor begins by showing how a regular Nmap scan reveals the user’s IP address to ISPs and the target systems. The goal is to hide this IP while performing network scans.

Setting Up Tor

The first step toward anonymizing the scan is to install and run Tor. The video demonstrates how to install Tor using the command sudo apt-get install tor and check its status using sudo service tor status.

After installation, the instructor ensures Tor is running by starting the service and checking that it anonymizes the IP traffic.

Installing Proxy Tools

Privoxy: This tool integrates Tor with web browsers and is essential for maintaining anonymity while accessing websites.

The video shows how to install it using sudo apt-get install privoxy and configure it by editing the configuration file (/etc/privoxy/config) to enable SOCKS5 forwarding through Tor.

ProxyChains: ProxyChains is another important tool used to route Nmap traffic through Tor. After installing it (sudo apt-get install proxychains), the configuration file (/etc/proxychains.conf) is edited to enable dynamic chaining and SOCKS5 with Tor’s default port (9050).

Verifying Anonymity

The instructor demonstrates how to test anonymity by using ProxyChains with Firefox to ensure that traffic is routed through Tor. By visiting websites like “What is my IP,” they confirm that the displayed IP is different from the real IP, showing that the Tor network is masking their identity.

Launching Anonymous Nmap Scans

Using ProxyChains with Nmap allows the user to conduct network scans anonymously. The command sudo proxychains nmap is used to route Nmap through the Tor network.

The video also explains how to enhance the anonymity of scans using various Nmap switches:

  • Stealth Scan: A type of scan that sends SYN packets without completing the TCP handshake (-sS).
  • Fragmentation: Fragments packets to avoid detection by firewalls (-f).
  • Decoy Scan: Makes the scan appear to come from several different IP addresses at the same time, to confuse the target’s detection systems (-D).

The instructor also explains how spoofing the MAC address further disguises the origin of the scan by impersonating a device from a different manufacturer (like Cisco).

Other switches like disabling DNS resolution (-n) and avoiding ICMP ping requests (-Pn) are demonstrated to evade detection systems further.

Analyzing Traffic with Wireshark

After running the Nmap scan, the instructor opens Wireshark to capture and analyze the traffic. They show how to track the TCP handshake, ensuring that the traffic is routed through Tor, and highlight the use of decoy IPs in the scan.
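
Seen from the defender's side, the same capture shows what these scans leave behind. The following is an added example, not code from the video or the original page: it walks constructed packet records and flags half-open handshakes, fragmented probes, and several sources sweeping an identical port set. The record layout, addresses and the min_ports threshold are assumptions.

```python
from collections import defaultdict

# Constructed records, not a real capture: (src, sport, dst, dport, tcp_flags, ip_fragmented)
PACKETS = [
    ("10.0.0.5", 40001, "10.0.0.9", 22, "S", False),
    ("10.0.0.9", 22, "10.0.0.5", 40001, "SA", False),
    ("10.0.0.5", 40001, "10.0.0.9", 22, "R", False),    # reset instead of the final ACK
    ("10.0.0.5", 40002, "10.0.0.9", 80, "S", True),     # probe arrived as IP fragments
    ("10.0.0.9", 80, "10.0.0.5", 40002, "SA", False),
    ("10.0.0.5", 40002, "10.0.0.9", 80, "R", False),
    ("10.0.0.5", 40003, "10.0.0.9", 443, "S", False),
    ("10.0.0.9", 443, "10.0.0.5", 40003, "RA", False),  # closed port
    *[("10.0.0.7", 51000 + i, "10.0.0.9", p, "S", False) for i, p in enumerate((22, 80, 443))],
    ("10.0.0.20", 60000, "10.0.0.9", 443, "S", False),  # ordinary client: full handshake
    ("10.0.0.9", 443, "10.0.0.20", 60000, "SA", False),
    ("10.0.0.20", 60000, "10.0.0.9", 443, "A", False),
]

def analyze(packets, min_ports=3):
    # state maps (client, server, server_port) to the last handshake stage seen
    state, frag = {}, defaultdict(int)
    for src, sport, dst, dport, flags, fragmented in packets:
        if flags == "S":
            state[(src, dst, dport)] = "SYN"
            frag[src] += fragmented
        elif flags == "SA" and state.get((dst, src, sport)) == "SYN":
            state[(dst, src, sport)] = "SYNACK"
        elif flags == "A" and state.get((src, dst, dport)) == "SYNACK":
            state[(src, dst, dport)] = "ESTABLISHED"
        elif flags.startswith("R") and state.get((src, dst, dport)) == "SYNACK":
            state[(src, dst, dport)] = "HALF_OPEN"      # client reset after SYN-ACK
    report = defaultdict(lambda: {"ports": set(), "half_open": 0, "established": 0})
    for (client, _server, port), stage in state.items():
        entry = report[client]
        entry["ports"].add(port)
        entry["half_open"] += stage == "HALF_OPEN"
        entry["established"] += stage == "ESTABLISHED"
    for client, entry in report.items():
        entry["fragmented"] = frag[client]
        sweep = len(entry["ports"]) >= min_ports and entry["established"] == 0
        entry["verdict"] = "scan-like" if sweep or entry["half_open"] else "normal"
    return dict(report)

def same_sweep_groups(report):
    """Scan-like sources that probed an identical port set (possible decoy set)."""
    groups = defaultdict(list)
    for client, entry in report.items():
        if entry["verdict"] == "scan-like":
            groups[frozenset(entry["ports"])].append(client)
    return [sorted(g) for g in groups.values() if len(g) > 1]
```

Sources that land in the same sweep group cannot be told apart from the capture alone, so the group is reported as a set rather than as a single origin.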

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by Motasem Hamdan, who is a cybersecurity content creator and YouTuber.
