Avoid data trails on the internet: Usage of a filter proxy

Proxomitron officially is Windows - only, though it is claimed by the developer to run on linux, too, if WINE is used.

• Installation
  Get the latest .zip file from this site. You can also try this link to download it directly.
  Proxomitron doesn't need to be installed. Just unzip the file into a newly created directory, say C:\Programme\Proxomitron.

• Filter configuration
  There is a configuration for Proxomitron which comes with lots of extra filters and features. To get it, download the installer from here. Start the installer by double-clicking the file and follow the installation instructions. For those of you who do not trust any .exe file, there is also a .zip version. Download it from here and read the included README for installation instructions.

• Setup
  
  You may either use a ready-to-use config file which is included in the help or online and place it into Proxomitron's directory or do the following guide (in case you want to alter an existing proxomitron configuration):

  ---

  --------------Start of guide--------------

  ---

  Start Proxomitron by double-clicking Proxomitron.exe. Proxomitron's window will appear.
  We will use a configuration level from the downloaded filter pack. Open menu File -> Load config file and choose JD_Extra.cfg.
  Now do this in the menu: File -> Save default settings. This way, you created new default settings which will be loaded every time you start Proxomitron.
  Now load these default settings by clicking File -> Reload default settings. This way, all changes will be applied to default settings.
  
  Make sure the following entries are activated:
  • Web Page Filters
  • Outgoing Header Filters
  • Incoming Header Filters
  • Use Remote Proxy

  To combine Proxomitron with JonDo, press the button Proxy. In the window that appears, click Add.
  

  
  Enter "127.0.0.1:4001".
  Note: If you set a different listener port in JonDo, you'll have to enter this port here too, rather than 4001.
  Confirm by pressing OK. Klick the button Test. Maybe Proxomitron will be blocked by your firewall; admit access permanently. This test may fail in spite of correct firewall settings, never mind. Confirm again by pressing OK.
  Due to these settings, Proxomitron won't fetch traffic directly from Internet, but from JonDo. Unchecking Use Remote Proxy enables you to use Proxomitron without JonDo (and without anonymity), so this is not recommended.

• Filters
  Now the filters need to be configured in a way that enhances anonymity.
  Click Headers. Activate the following (check the column Out or In, depending on what type the filter is (indicated in brackets)):
  Note: Enter a part of the name of the filter into the field Find: and Proxomitron will only show filters that match the search expression.
  • "Referer: Fake All Referrer Info - URL (Out) {7}"
  • Optionally *1): Cookie managagement
    • "Set-Cookie: Never Accept Unwanted Cookies (in) {5.c1}"
    • "Cookie: Kill Unwanted Cookies (Out) {5.c1}"
  Confirm by clicking OK.

  You can find a description of all header filters here.

  (*1) Cookie management using Proxomitron is recommended if you have no other cookie management software. All websites from which cookies will be accepted need to be added to a text file. This list can be found in Proxomitron's directory -> Lists -> CookieList.txt. A more comfortable approach is similar to the one described at Java Applets, only use the list CookieList instead.

  Now press Web page. Some filters need to be activated additionally:

  • "Jump: Out of Invisible Frames {7.d}"
  • "Block: Javascript Trackers {8}"
  • "Block: Image Trackers {8}"
  • "Block: Meta Cookies {5.c1}"
  • "Block: Javascript Cookies {5.c1.js}"
  • "Block: VB and Encoded Scripts {8.d.js}"
  • "View: Cookies Set and Sent {4.d.in}"
  • "Hide: Extra Browser Details {9.d.js}"
  • "Disable: Scripts {10.e.a}"
  • "Disable: ActiveX {8.e.js}"
  • "Disable: Java Applets {8.e.js}" *2)
  • "Inject Style Sheet: Show Kills {2.a.in}"

  You can find a description of all web page filters here.

  ---

  --------------End of guide--------------

  ---

  (*2) Info: Some users might want to use an alternative for blocking all Java Applets that are not on their Allow list: The Filter called "Toggle: Java {4.d}". This is more insecure, since on some browsers Java Applets will still be loaded and only hidden from view. So this is not recommended.

  
  For this filter you will need to declare exceptions to the rule in order to view trusted applets. Before that, we will do browser setup.

• Browser Setup
  Empty your browser's cache to ensure that all content will be received freshly through Proxomitron.
  Now Proxomitron will become your browser's proxy. The approach is similar to the one described here (choose your browser), only this time you use Proxomitron's port, which is 8080 by default. Users of Firefox with installed SwitchProxy Toolbar Plugin should do these settings in the plugin.

  Declare Exceptions
  Note: This approach is exemplary for setting exceptions for Java (list: Allow-Java). You can also set Exceptions for JavaScript(Allow-JS), Cookies(CookieList), Flash(Allow-Flash), JonDo(Bypass-Proxy) etc or to several blocklists together by adding an address to Trusted. Read Trusted.txt to learn which lists are affected. Sites in Trusted will bypass JonDo!
  If you want to declare a specific site as trustworthy for Java applets, just copy the site's address from your browser's address field into the clipboard. Right-click on Proxomitron's icon in the system tray and choose Add to Blockfile -> Allow-Java. Note that the address is automatically inserted into the field without the protocol (e.g. "http://"). Don't insert the protocol, elsewise this entry will not work correctly.

  Example: In order to enable Java for "http://anon.inf.tu-dresden.de/" the correct entry would be:
  
  

  
  Confirm by clicking OK.
  Attention:Doing that, Java will be enabled for every address starting with "anon.inf.tu-dresden.de/", e.g. for all sites of this domain.

• Disable URL Commands
  Click Config, choose the tab Access and make sure Disable URL based Proxomitron commands is checked. Read the help on URL Commands in order to learn why URL Commands are a security risk. To display Proxomitron's help, go to menu Help -> View Help.

• Optionally: SSL support
  Attention: Usage of this library is discouraged. Since Proxomitron cannot decide on it's own whether a received certificate is valid or not, it will decrypt every SSL connection and provide data with it's own security before passing it to the browser. Thus, the user will only see Proxomitron's certificate (which he trusts of course) and won't be able to recognize invalid certificates.
  Proxomitron cannot process SSL encrypted transmissions by default. In order to activate this feature, additional libraries are required.
  • Download
    Get the OpenSSL_DLLs.zip from this site and unzip all three libraries (libeay32.dll, msvcr70.dll, ssleay32.dll) into Proxomitron's directory.

  • Activation
    Click Config in Proxomitron's main window. Choose tab HTTP and activate Use SSLeay/OpenSSL to filter secure pages. Confirm by clicking OK.
    Save the configuration by pressing .