SSH Tunnel + SOCKS Proxy Browsing

May 23rd, 2009

I created this article for my personal reference, since I tend to forget things such as names, addresses, SSH tunnel configurations, severe acts of nature and so on…

Concerning Tunnels:

A tunnel is usually an underground passage from one place to another. Why one would go through a tunnel instead of above ground I can’t really answer in general, but I do know why I have to use tunnels in my daily IT routines.
Tunneling allows me to deliver a payload securely and to access resources that are otherwise restricted from my location.
The example below demonstrates the setup of an SSH Tunnel that is used for simple internet browsing.

Microsoft Windows 2000/XP/2003/Vista

When using Microsoft Windows operating systems I create SSH tunnels using PuTTY.

1. Connect to an SSH server using PuTTY.

In this example I am using the hosting for this website.

SSH Tunneled Proxy 1 - Connect to the SSH host

2. Right click on the SSH Toolbar and select “Change Settings…”

SSH Tunneled Proxy 2 - Change Putty Settings...

3. In the newly opened window select Connection >> SSH >> Tunnels. In the Source port box type the number “80”. This number is simply an example; feel free to use any appropriate port number on your host.
In the Destination text box type “localhost” and select the radio button “Dynamic”.

SSH Tunneled Proxy 3 - Tunnel Configuration

4. Click Add, and add other ports if you need them. You should see your port forwarding rule added as D80 if you have used the above settings. Once you have added the port forwarding, apply the change.

SSH Tunneled Proxy 4 - D80

Your tunnel is now ready. You can check this with telnet for example.

Linux/Mac OSX/UNIX

Under Linux the configuration is much simpler than on Windows, so no screenshots are necessary.

Open a terminal and connect to the remote SSH server/host with the following command:

host# sudo /sbin/ssh -p22 -D 80 user@unix.soteks.com

The browser configuration follows. It is similar in most operating systems and browsers.

5. In Mozilla (quite similar in IE) open the Options or Properties of the browser. Navigate to Network and select Settings.

SSH Tunneled Proxy 5 - Firefox Network Settings

6. Select Manual Proxy configuration. In the SOCKS Host field type localhost and for the port number enter 80. Select SOCKS v.5. Click OK.

SSH Tunneled Proxy 5 - Firefox SOCKS Proxy

Once the above is completed successfully, all of your Firefox traffic is tunneled through the SSH connection you have established, so the traffic between your machine and the SSH host is encrypted.

In addition to this setup I usually use the extra feature to forward my DNS requests through the tunnel too. This is a good idea if your DNS queries are being logged. To do this simply type about:config in the address bar of Firefox and in the filter line search for dns. Find the preference network.proxy.socks_remote_dns and change the value to true.

7. In the address bar of Firefox type about:config. In the Filter box search for DNS.
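
To see what network.proxy.socks_remote_dns changes on the wire, the following added example (not part of the original article, and not Firefox or OpenSSH code) builds the SOCKS5 CONNECT request defined in RFC 1928 in both forms and parses it as the proxy end would. The host name intranet.example, the address 192.0.2.10 and the stub resolver are constructed for illustration.

```python
import ipaddress
import struct

VER, CONNECT = 0x05, 0x01                      # SOCKS5 version, CONNECT command (RFC 1928)
ATYP_IPV4, ATYP_DOMAIN = 0x01, 0x03            # address types used in this example

def build_connect(host, port, remote_dns, resolve):
    """Build the SOCKS5 CONNECT request a client sends to the local -D port."""
    if remote_dns:
        # The host name goes through the tunnel; the SSH host resolves it.
        name = host.encode("idna")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        # The client resolves first: this lookup happens outside the tunnel.
        addr = bytes([ATYP_IPV4]) + ipaddress.IPv4Address(resolve(host)).packed
    return bytes([VER, CONNECT, 0x00]) + addr + struct.pack("!H", port)

def parse_connect(data):
    """Return (kind, destination, port) as the proxy end would read the request."""
    if len(data) < 7 or data[0] != VER or data[1] != CONNECT:
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp = data[3]
    if atyp == ATYP_DOMAIN:
        end = 5 + data[4]                      # data[4] is the name length
        kind, dest = "domain", data[5:end].decode("ascii")
    elif atyp == ATYP_IPV4:
        end = 8
        kind, dest = "ipv4", str(ipaddress.IPv4Address(data[4:8]))
    else:
        raise ValueError("address type not handled in this example")
    if len(data) != end + 2:
        raise ValueError("truncated request or trailing bytes")
    return kind, dest, struct.unpack("!H", data[end:])[0]

def demo():
    """Compare both settings; returns {remote_dns: (parsed_request, local_lookups)}."""
    results = {}
    for remote_dns in (False, True):
        local_lookups = []                     # names the client's own resolver saw
        def stub_resolve(name):                # constructed stand-in for the OS resolver
            local_lookups.append(name)
            return "192.0.2.10"                # constructed address (TEST-NET-1)
        request = build_connect("intranet.example", 443, remote_dns, stub_resolve)
        results[remote_dns] = (parse_connect(request), local_lookups)
    return results

if __name__ == "__main__":
    for flag, (parsed, lookups) in demo().items():
        print(f"socks_remote_dns={flag}: proxy receives {parsed}, local lookups {lookups}")
```

With the setting at false the name appears in the local lookup list and only an IP address enters the tunnel; with true the name travels inside the request and no local lookup occurs.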

It is considered a crime to use the above to get to your Friendface websites.

Enjoy.

  1. June 28th, 2009 at 03:46 | #1

    No need to use sudo, at least on Mac OS X.

    host# ssh -D 80 user@unix.soteks.com

  2. July 6th, 2009 at 13:30 | #2

    Hello Nueh,
    You are right; however, privileged ports can only be forwarded by root.
    In my example I tried with port 80, which is a privileged one; that’s the reason to use sudo. (I use Mac OS X 10.5.7 Darwin Kernel Version 9.7.0)
    Which port do you normally use for such a proxy?

    KR,
    St0ma

  3. liquid
    September 8th, 2009 at 06:22 | #3

    Does anyone know how to forward this setup to a third box?
    $server -> dynamic socks forwarded to $box -> forwarding once more to $boxTwo.

  4. September 9th, 2009 at 00:41 | #4

    So you want the server to use a socks proxy through ssh to a box1, and box1 to forward this to box2, so actually the server is using a socks proxy to box2? I was thinking about this once but never tried it. Is this what you need done?

    Regards,

    — St0ma
