Tag: Networking

Setting Up SSH Tunnels With Putty

Posted by – March 3, 2009

Always ensure secure network connections.

I’ve been playing around with VPNs and ssh tunnels to try and get my ipod touch to use something secure when I’m connecting to random wireless networks. Needless to say it’s not working so great. I want my itouch to tunnel everything through ssh to my server at home, but Apple hasn’t ever thought of that nor can I find any application to do so (and probably won’t as it would need to run in the background which Apple doesn’t allow, at least when you’re not jailbroken). It’s leaving me little choice but to jailbreak or else I can’t have secure connections without setting up a VPN over IPsec which is about as fun as it sounds.

So while I was toying around with different things, it occurred to me that many people don’t know how to secure their traffic and prevent people from listening in. I’m going to show you how you can take a Windows PC or laptop and route web traffic through a shell account you have ssh access to. I’ll then show you how to set up FireFox and the SwitchProxy extension to use the tunnel efficiently, as well as the basic premise for making any program you have use the tunnel as well.

First I guess I should explain just why you’d want to go to the trouble of doing all this. Well, whenever you use someone else’s connection, whether it be a wireless access point at a coffee shop, shopping mall, a neighbor’s, or even plugged into a school’s network, the bulk of your web traffic is sent as plain text. This means anyone who wants to can probably listen in on anything you say to your friends on an IM client, or even check your email if you’re not enforcing SSL. Even on a WPA or WEP enabled wireless connection your data would be easy enough to sniff if the attacker has time enough to crack the key. I know many people who even go to a coffee shop and set up their own laptop to act like an access point, collecting all the information for anyone who connects to it, in a classic man-in-the-middle attack.

Alright, so the first thing you need to do is open Putty. If you don’t have Putty already, get it; it’s one of, if not the best, terminal programs for Windows! Now that it’s open, go to ‘SSH > Tunnels’ in the left-hand menu. In this section, click on the radio button marked ‘Dynamic’, put ‘9999’ (or any port of your choosing, provided it’s not in use) in the ‘Source port’ text box, and click “Add”.

Setting Up The SSH Tunnel in Putty.

Now go to the ‘Session’ menu on the left side again and enter the server information. Then name it and click ‘Save’. It should look something like this:

Saving the Session in Putty.

Alright, so now that the session is saved with your tunnel settings, you’re ready to go. Log in to your shell and just leave it there for now (you can do anything you’d normally do, except leave, which will close the tunnel), and open FireFox. Go to Tools > Options, then select the ‘Advanced’ tab and click on ‘Settings’ where it says “Connection: Configure how FireFox connects to the Internet”.

Firefox connection settings, to put in the address of the SSH tunnel.

Now select “Manual Proxy Configuration” and for the “SOCKS Host” enter ‘localhost’ and ‘9999’ for the port (unless you specified something else earlier). Accept all changes. You’re now browsing the web in FireFox securely through your new SSH tunnel. Keep in mind that if you close your Putty terminal you’ll get ‘connection refused’ messages until you either reconnect to the shell or go into your settings and remove the proxy.

Firefox Proxy Settings.

Now that you have the basic premise of how to set up your SSH tunnel through Putty, we’re going to install the SwitchProxy Firefox extension to make the switch to secure browsing simple and quick. So go ahead and grab a copy of SwitchProxy from the Mozilla Add-on website. Install it, then restart FireFox (as required). You’ll now notice that in the bottom right corner it’ll say “Proxy: None”. You’ll also notice an annoying toolbar, which luckily you can right-click on and remove.

Alright, so right-click the bottom right corner and select “Manage Proxies”, click “Add”, then select “Standard”, name it, enter ‘localhost’ for the ‘SOCKS proxy’ and ‘9999’ for the port, and finally select “SOCKS v5” and save changes. You can now right-click SwitchProxy in the bottom corner, select ‘SSH Tunnel’ (or whatever you named it), and switch effortlessly back and forth between secure and default connections.

Adding the SSH tunnel to SwitchProxy.

Phew. That seemed like a bit of work, but it’s well worth it to have this set up for whenever you may find yourself in unknown territory. Keep in mind you can set ‘localhost’ and port ‘9999’ as the SOCKS proxy in ANY program that lets you configure one in order to secure it. Pidgin, MSN, AIM are all good candidates, as are POP3 and IMAP mail clients if they aren’t (and even if they are) SSL enabled.

I hope this guide helps at least someone out there. If anyone has any ideas on how to tunnel through on an ipod touch be sure to let me know.

Edit: You may also want to go into FireFox’s about:config (by entering it into the address bar) and change network.proxy.socks_remote_dns to true. This will send DNS requests through the tunnel as well, instead of resolving them on the local network, for added anonymity.
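To check that the listener Putty opened on localhost:9999 really is the SOCKS5 end of the tunnel, and to see what network.proxy.socks_remote_dns changes in the request, here is an added example (not part of the original post). It assumes the dynamic tunnel from this guide is running; example.com is a placeholder destination and the function names are made up for this sketch.

```python
import socket
import struct

def socks5_connect_request(host, port, remote_dns=True):
    """Build the SOCKS5 CONNECT request a client sends into the tunnel."""
    if remote_dns:
        # ATYP 0x03: the hostname itself goes to the proxy, so the SSH
        # server at the far end resolves it (socks_remote_dns = true).
        name = host.encode("idna")
        addr = b"\x03" + bytes([len(name)]) + name
    else:
        # ATYP 0x01: the client resolves first, so the DNS query leaves
        # in the clear on the local network before the tunnel is used.
        addr = b"\x01" + socket.inet_aton(socket.gethostbyname(host))
    return b"\x05\x01\x00" + addr + struct.pack(">H", port)

def recv_exact(sock, n):
    """Read exactly n bytes or raise if the proxy hangs up early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf

def check_tunnel(dest_host, dest_port=80, proxy=("localhost", 9999), timeout=10):
    """Return True if `proxy` speaks SOCKS5 and can reach the destination."""
    with socket.create_connection(proxy, timeout=timeout) as s:
        s.sendall(b"\x05\x01\x00")            # version 5, one method: no auth
        if recv_exact(s, 2) != b"\x05\x00":   # proxy must accept "no auth"
            return False
        s.sendall(socks5_connect_request(dest_host, dest_port))
        ver, rep = recv_exact(s, 2)           # reply starts VER, REP (0 = success)
        return ver == 5 and rep == 0

if __name__ == "__main__":
    # example.com is a placeholder destination, not from the original post.
    try:
        ok = check_tunnel("example.com")
        print("tunnel OK" if ok else "port 9999 is not a working SOCKS5 tunnel")
    except OSError as exc:
        # Connection refused here means the Putty session has been closed.
        print("tunnel down:", exc)
```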

Review: Linksys NAS200

Posted by – December 6, 2008

Linksys Network Storage System with 2 Bays (NAS200)

A while ago (but only a few posts ago) I discussed how I had ordered a Linksys NAS200, and I had high hopes, which were a bit downed by poor reviews by others, but I was pleasantly surprised with its performance. The price is a bit more than an external USB enclosure but I wanted storage that would be network-wide and easily upgradable. The NAS200 is just that: it supports two drive bays, with SATA2 and SATA backwards compatibility (be sure to move the jumper on your hard drive, as most are set for just plain SATA out of the box).

Some Cool Features (The Good):

  • Network attached, so you don’t need to find some crazy way to hook up a USB network or filesharing through another PC that has to stay on in order for your storage to work.
  • Supports the addition of USB2 drives, for additional storage to be added to your network.
  • Supports FTP and HTTP protocols over the network and Internet for easy off-site filesharing.
  • Built-in media server, so you can share media to UPnP AV digital media adapters (like the Xbox 360, so I can access my movies, music and pictures).
  • Web-based management for easy setup and the less technically inclined. Also worth noting this can be managed off-site, great if you need to add storage to your parents’ network that you can safely watch over and back up.
  • Price is very competitive.
  • Supports individual, JBOD, RAID 0 and RAID 1.
  • Comes with client backup software.

The Bad:

  • Seems slow to wake up; when opening Windows Explorer it’ll hang for about 5 seconds while the NAS’s drive spins up.
  • Slower data transfer rate than I expected from Linksys.  People have clocked it at 3.9mb/s at best.  It’s never really been an issue for me though, but just FYI.
  • During disk scans and power up the NAS will be unresponsive for several minutes.  Not a big deal if you don’t power it off regularly, or schedule disk scans at bad times.
  • Additional USB disks need to be reformatted before they can be mounted.

That’s about it. Overall I’m quite happy with my purchase, I do feel Linksys dropped the ball though on not adding polish and fixing that data transfer rate. I used to think Linksys was a good name for quality consumer networking appliances but since their apparent lack of effort on the NAS200 and their failure to update the Linksys router firmware, which led me to using Tomato firmware, I’ve changed my mind. I’ve never had issues with my D-Link hardware.

But I digress. If you need an affordable backup NAS and don’t mind the slower speed of the transfer rate and the minor kinks, you really can’t go wrong with using the Linksys NAS200. If you have extra cash to burn for no other reason than to get something shiny, or you need quick write-speeds then maybe it isn’t for you.

More Images:

Linksys NAS200 Front Panel.

Linksys NAS200 Back Panel.

Review: DD-WRT Vs Tomato

Posted by – December 5, 2008

Linksys WRT54GL: New Heart of My Network

Since I bought my new Linksys WRT-54GL router (one of the three new goodies I picked up, reviews and news coming soon) I’ve been using DD-WRT. Originally I was a bit worried about mucking around in the firmware, since the router was working quite well. That was until I tried to grab some stuff off BitTorrent, and noticed the speed was incredibly slow, which turns out to be a Linksys firmware bug they never fixed. Instant courage.

I was quite overwhelmed with all the cool new features of my router, and was even thinking about setting up a free (possibly ad-sponsored) wifi hotspot. However I was still disappointed in the performance of the router, and DD-WRT seemed large and bulky. However I had it working to the point where I rarely had an issue, and was pretty happy with DD-WRT unless I thought about it too much.

A few weeks ago though, I found Tomato. It was in some unrelated Reddit discussion about BitTorrent destroying the Internet because they’re using UDP instead of TCP now, you know, garbage. Upon reading up on Tomato firmware though it seemed to be much more sleek and performance orientated than its DD-WRT cousin. It contained all the basic features you’d need to run a nice personal network or even a small business network (depending on your needs) and not really any useless filler. This was precisely what I wanted, I’ve always been a performance over features sort of guy anyway. So I downloaded the firmware AFTER reading the manual and FAQ, which is a good idea if you’re upgrading from DD-WRT; it’ll save you a headache when you attempt to log in for the first time.

Tomato's basic network settings.

Tomato's Bandwidth Monitor (Realtime view)

As you can see, bittorrent is working.

So after installing the Tomato firmware (which was extremely painless, just a straight firmware upgrade through the web GUI) and a reset to default settings, I was up and running. I was giddy at this point, scrambling through all the pages admiring the awesomeness of the power I had (I’m sure any geek who gets a new gadget knows what I mean; never lingering on any one feature till you’ve seen them all). After I calmed down a little I started configuring options, including Quality of Service (QoS), Port Forwarding, DNS addresses and Access Restrictions (to block sites I waste time on when I should be working) etc. Then I was done.

I’ve now been running Tomato firmware for a few weeks, and I have yet to have any issue. I’ve set up a Samba share for it to save its bandwidth logs, because I love graphs and it has a built-in Common Internet File System (CIFS) client, making it easy. I’m in love with this firmware, and anybody using anything else really has to give it at least a shot, and if you like it donate to them.

Download Tomato Firmware.

More screenshots:

Tomato's Wireless Survey Tool.

Tomato's Qos Graphs. Mmmm...

Tomato's QoS Classification Settings

File Storage Issues

Posted by – August 10, 2008

Drive Partitioning at its finest.

For quite a while I’ve had many work-arounds in order to give myself enough file storage to hold my files. Having grown up with an assortment of computers with VERY limited file space, I have always been the type to make do with very little.

As of late however, I’ve been running into issues being able to not only handle the clutter as I’ve become a disorganized digital packrat of sorts, but actually finding room to put all the files physically.  I’ve tried many different organizational techniques from alphabetical ordering of folders with ‘reference’ and ‘documents’ being the main categorical root directories to using searchlight alternatives for PC and *nix.  Still no luck.

Another option however was getting some NAS (Network-Attached Storage) and working out a rigid storage system policy and sticking to it.  If nothing else, this would solve the problem about running out of physical room for my data.  The main problem being that it costs a few hundred dollars to implement correctly and nicely.  Since I’m the type that can’t really buy anything for myself without feeling guilty, it’s held me back and made me look for less-efficient alternatives instead.

Take for instance my fileserver.  It’s a Pentium II 350mhz with 256mb of ram with only two small hard drives (1x20GB and 1 x 6GB).  I was using this for the longest time to stream my audio and video to my other PCs as well as my Xbox 360.  As of a few months ago I had purchased a new workstation which came with a 180GB Hard Drive, needless to say I was in Heaven.  At least for awhile.

Now that everything is disorganized I wanted a solution.  I want an archive of my files kept separately from the computer, preferably a small case/box that in an emergency (or LAN parties) I can unplug and whisk away and save everything I need.  I’m now willing to solve this problem once and for all.

Linksys Network Storage System with 2 Bays (NAS200)

After browsing the web and looking for some quality equipment for the price I stumbled upon the Linksys Network Storage System (NAS200).  It’s a great brand, decent price and with two HDD spots and an additional 2 USB expansion slots for either thumbdrives or USB Hard Drives it would have all the power and ability I’ll need for my private network.  Another big component is that it should use a lot less power than a full tower, but I’ll be testing this as soon as I get it.

Another option I was contemplating was building my own Mini-ATX fileserver (well, more like another FreeBSD Box with Samba installed). It’d give me the storage I need and also give it extra extensibility as I could script my own cronjobs to tarball and transfer files around. Best part was I was going to probably build the case out of Lego. It’d be much smaller and cheaper than that case however.

I eventually decided against building my own Mini-ATX server because it’d easily be more costly than just buying the Linksys NAS. So I’m going to be ordering it along with one or two decently-sized hard drives to finally get some breathing room for all my data.

I can’t wait.