Install a SQUID anonymous proxy

squidanonymousproxy.md

1. Install SQUID

apt-get install squid

2. Create an user

htpasswd -md /etc/squid3/users myuserlogin`

3. Configure Edit the file /etc/squid3/squid.conf :

vi /etc/squid3/squid.conf

Add or Replace :

# The command for the external authenticator
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/users
# The maximum number of authenticator processes to spawn
auth_param basic children 2
# Text the user will see when he will log in
auth_param basic realm Hello
# Specifies how long squid assumes an externally validated username:password pair is valid for
auth_param basic credentialsttl 4 hours

# Autorize an IP Adress range
acl ip_authorized_1 src x.x.x.x-x.x.x.x

http_access allow authenticated ip_authorized_1

3. Anonymize (Configure next)

header_access Allow allow all
header_access Authorization allow all
header_access Cache-Control allow all
header_access Content-Encoding allow all
header_access Content-Length allow all
header_access Content-Type allow all
header_access Date allow all
header_access Expires allow all
header_access Host allow all
header_access If-Modified-Since allow all
header_access Last-Modified allow all
header_access Location allow all
header_access Pragma allow all
header_access Accept allow all
header_access Accept-Enncoding allow all
header_access Accept-Language allow all
header_access Content-Language allow all
header_access Mime-Version allow all
header_access Cookie allow all
header_access Set_Cookie allow all
header_access Retry-After allow all
header_access Title allow all
header_access Connection allow all
header_access Proxy-Connection allow all
header_access All deny all

via off

forwarded_for delete

Only the two last line are very very important (and usefull):

via off
forwarded_for delete

service squid3 start

Headers with proxies

{
    "Host": "proxy.robin-d.fr",
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
    "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/38.0.2125.111 Chrome/38.0.2125.111 Safari/537.36",
    "Accept-Encoding": "gzip,deflate,sdch",
    "Accept-Language": "fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4",
    "Cache-Control": "max-age=0",
    "Connection": "keep-alive"
}

Headers without

{
    "Host": "proxy.robin-d.fr",
    "Connection": "keep-alive",
    "Cache-Control": "max-age=0",
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
    "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/38.0.2125.111 Chrome/38.0.2125.111 Safari/537.36",
    "Accept-Encoding": "gzip,deflate,sdch",
    "Accept-Language": "fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4"
}

Bonus. Multiple IP for the same installation :

acl ip1 myip XX.XX.XX.XX
acl ip2 myip XX.XX.XX.XX
acl ip3 myip XX.XX.XX.XX
tcp_outgoing_address XX.XX.XX.XX ip1
tcp_outgoing_address XX.XX.XX.XX ip2
tcp_outgoing_address XX.XX.XX.XX ip3

Thanks to :

• Inline SQUID Doc
• http://serverfault.com/questions/241918/how-can-i-prevent-squid-from-being-detected
• http://www.hackersgarage.com/highly-anonymous-proxy-squid-2-6-stable21-release.html
• http://linuxaria.com/pills/setup-squid-to-use-multiple-outgoing-ip-addresses

What's the difference between Headers with proxies and Headers without? The order?