Windows Update is a tricky thing.
It can use a proxy server (see
one of my previous posts on this), but it won't use the same proxy as you've set in "Control Panel" / "Internet Options" (aka. IE's proxy settings). Windows XP has a "hidden" HTTP service (it's actually a driver visible in "Device Manager" under "Non-Plug and Play Drivers") and Windows Update uses this service to access Microsoft's servers. To set a proxy for this service, you've to use the
proxycfg
command line program. However setting a SOCKS proxy won't take any effect (at least it did not for me, neither for airwin). But there're ways to get around this.
I've found two methods.
- Windows Update does work through a HTTP proxy, thus you could use a local HTTP proxy that supports chaining to SOCKS proxies. You could set Windows Update with
proxycfg
to use the local HTTP proxy, and set the HTTP proxy to use the given SOCKS proxy. There're a few such tools. Eg. Privoxy can do this ... or you could pick any HTTP proxy and use a "sockisfier" to add SOCKS capabilities to it (there're quite a few ... eg. free ones are FreeCap, Hummingbird SOCKS client, SocksCap ... a commercial one is ProxyCap).
- You can use a "low-level" socksifier that can add SOCKS capability even to Windows services. For this one to work the socksifier program has to load before the first service loads that uses
svchost.exe
(the "Generic Host Process for Win32 Services"), since an instance of this executable tries to connect to MS's webservers, when you start the Windows Update process. One program capable of socksifying svchost.exe
(aka. Windows services) is WideCap. It comes from the developer of FreeCap, but he rewrote the whole thing. WideCap hijacks Winsock (the socket subsystem of Windows networking), thus it's like a virtual network driver on top of Windows' TCP stack. It can redirect all TCP connections to a SOCKS server right from the start ... including all Windows services. However this tool is shareware (you can use it for free only in a 30-day trial period) and due to a small design glitch you've to hack its settings a little bit to make it socksify the services running through svchost.exe
. The problem is that WideCap stores all of its settings in the user's registry that installed the application. You've to set up WideCap, export the program's registry from the current user's tree to disk (it's HKEY_CURRENT_USER\Software\Bert's Software\WideCap
for me), replace the registry key pathes with the path of the SYSTEM
user's registry (it's HKEY_USERS\S-1-5-18\Software\Bert's Software\WideCap
for me) and import it back to the Windows registry. The SYSTEM
user comes into the game, because the given svchost.exe
(that makes the connection to the MS Windows Update servers) runs with SYSTEM
's credentials ... thus when the service (svchost.exe) starts, the WideCap driver will have access only to SYSTEM
's registry. This method is definitely not for novice users. However I'm happy to have learnt about WideCap, it's a very nice piece of software ... a sort of Swiss army knife for socksifying programs ... even Windows services.
P.S.: you might want to check out
this Wiki page for some other socks proxies and socksifiers.
Comments
Installing Google Chrome Behind a SOCKS Proxy
Problems with Privoxy
Saved my day, thanks!
My final setup:
- PuTTY back to home, with tunneling configured as D8888 (dynamic, source port 8888).
- Privoxy chains HTTP/HTTPS proxy requests to PuTTY: forward-socks5 / 127.0.0.1:8888 .
- Have IE use 127.0.0.1:8118 (privoxy proxy) as the proxy server.
Now all worked!
Re: Saved my day, thanks!
I have found that Widecap is
use super socks5cap
Re: use super socks5cap