Tag: Security

Setting Up SSH Tunnels With Putty

Posted by – March 3, 2009

Always ensure secure network connections.

Always ensure secure network connections.

I’ve been playing around with VPN’s and ssh tunnels to try and get my ipod touch to use something secure when I’m connecting to random wireless networks.  Needless to say it’s not working so great.  I want my itouch to tunnel everything through ssh to my server at home, but Apple hasn’t ever thought of that nor can I find any application to do so (and probably won’t as it would need to run in the background which Apple doesn’t allow, at least when your not jailbroken).  It’s leaving me little choice but to jailbreak or else I can’t have secure connections without setting up a VPN over IPsec which is about as fun as it sounds.

So while I was toying around with different things, it occurred to me that many people don’t know how to secure their traffic and prevent people form listening in.  I’m going to show you how you can take a windows PC or laptop, and route web traffic through a shell account you have ssh access to.  I’ll then show you how to setup FireFox and the SwitchProxy extension to use the tunnel efficiently, as well as the basic premise to make any program you have access the tunnel as well.

First I guess I should explain just why you’d want to go to the trouble of doing all this.  Well, whenever you use someone else’s connection whether it be a wireless access point at a coffee shop, shopping mall, neighbor’s or even plugged into a school’s network the bulk of your web traffic is sent as plain text.  This means anyone who wants to can probably listen in on anything you say to your friends on an IM client, or even check your email if your not enforcing SSL.  Even on a WPA or WEB enabled wireless connection your data would be easy enough to sniff if the  attacker has time enough to crack the key.  I know many people who even go to a coffee shop and setup their own laptop to act like an access point, collecting all the information for anyone who connects to it, in a classic man-in-the-middle attack.

Alright, so the first thing you need to do is open Putty.  If you don’t have Putty already get it, it’s one of if not the best terminal program for Windows!  Alright now that it’s open to go ‘SSH > Tunnels’ on the left hand menu.  In this section, click on the radio button marked ‘Dynamic’ and put ‘9999’ (or any port of your choosing, providing it’s not in use) in the ‘Source port’ text box, click “Add”.

Setting Up The SSH Tunnel in Putty.

Setting Up The SSH Tunnel in Putty.

Now go to the ‘Session’ Menu on the left side again, and enter the server information.  Then Name it, and click save.  it should look something like this:

Saving the Session in Putty.

Saving the Session in Putty.

Alright so now that the session is saved with your tunnel settings your now ready to go.  Login to your shell, and just leave it there for now (you can do anything you’d normally do, except leave [which will close the tunnel]), and open FireFox.  Go to Tools > Options, then select the ‘Advanced’ Tab and click on ‘Settings’ where it says “Connection: Configure how FireFox connects to the Internet”.

Firefox connection settings, to put in the address of the SSH tunnel.

Firefox connection settings, to put in the address of the SSH tunnel.

Now select “Manual Proxy Configuration” and for the “SOCKS Host” enter ‘localhost’ and ‘9999’ for the port (unless you specified something else earlier).  Accept all changes.  Your now browsing the web through FireFox securely through your new SSH tunnel.  Keep in mind if you close your Putty terminal you’ll get ‘connection refused’ messages until you either reconnect to the shell or you go into your settings and remove the proxy.

Firefox Proxy Settings.

Firefox Proxy Settings.

Now that you have the basic premise of how to setup your SSH tunnel through Putty, we’re going to install the SwitchProxy Firefox extention to make the switch to secure browsing simple and quick.  SO go ahead and grab a copy of SwitchProxy from the Mozilla Add-on website.  Install it, then restart FireFox (as required).  You’ll now notice that in the bottom right corner it’ll say “Proxy: None”.  You’ll also notice an annoying toolbar, which you can right-click on and remove luckily.

Alright, so right-click the bottom right corner, and select “Manage Proxies”, click “Add” then select “Standard”, name it, enter ‘localhost’ for the ‘SOCKS proxy’ and ‘9999’ for the port, and finally select “SOCKS v5″ and save changes.  You can now right-click SwitchProxy in the bottom corner, and select ‘SSH Tunnel” (or whatever you named it) and switch effortless back and forth between secure and default connections.

Adding the SSH tunnel to SwitchProxy.

Adding the SSH tunnel to SwitchProxy.

Phew.  That seemed like a bit of work, but it’s well worth it to have this setup for whenever you may find yourself in unknown territory.  Keep in mind you can set ‘localhost’ and port ‘9999’ as ANY proxy you find in any program you use in order to secure it.  Pidgin, MSN, AIM are all good candidates as are POP3 and IMAP mail clients if they aren’t (and even if they are) SSL enabled.

I hope this guide helps at least someone out there.  If anyone has an ideas on how to tunnel through on an ipod touch be sure to let me know.

Edit: You may also want to go into FireFox’s about:config (but entering it into the address bar) and changing network.proxy.socks_remote_dns to true.  This will send DNS requests to the tunnel as well for added anonymity.

The Great Facebook Scandal of 2009

Posted by – February 19, 2009

For those of you who are a bit behind in the news, Facebook has changed their Terms of Service as reported by the Consumerist.  These changes stated that not only does Facebook own all your information and content you upload (Pictures, blog posts etc) but they can keep it FOREVER even if you remove your account.

This change has created GIANT ripples throughout the intertubes, causing Facebook to recoil and revert to their old TOS.  Even Mark Zuckerberg had to weigh in to try to calm the masses.  This of course didn’t work so well as people started leaving Facebook which prompted them to add this to the “Delete Your Account” Page:

Please don't leave, we're sorry!  We promise not to do it again until you're not looking!

Please don't leave, we're sorry! We promise not to do it again until you're not looking!

It’s still up in the air whether I’ll decide to leave myself.  It’s nice to be able to stay in contact with others but it’s not worth my information being used for uses I may not agree with.  Not to mention ANY pictures of me, including ones other people upload become the property of Facebook forever.  I’m still not sure how to prevent this, unless it’s already against current privacy or copyright laws.

3 Interesting Videos

Posted by – August 9, 2008

I’ve been slacking off on this blog, so in an effort to liven it up, I thought it’d be nice to post a few of the videos I’ve been watching in my spare time.  I’m not sure whether the original uploader has permission to post these, or what license these were put out under.I’ll keep this short though, and get to the videos :

Discovery Channel’s “The History Of Hacking” Documentary

Interesting and if nothing else, entertaining look at the History of Hacking.  Title sort of tells it all.

Documentary on Google

Although I had a good understanding of the first days of Google and the current goings-on, I found this video quite entertaining and informative.  Definitely a must-see for anyone like me who uses Google Services for almost everything.

Randy Pausch’s Last Lecture

If you haven’t seen this, you must live in a cave as this video has been making the rounds on the Internet for quite awhile.  Probably due to the sadness of the fact that the world lost such a great professor but hopefully more-so the fact that this lecture has a lot of inspiration and is a great motivator for people to really channel their skills and accomplish their dreams.