Jump to content

Ssh Proxy Content Still Blocked


G-Stress
 Share

Recommended Posts

Doing a little testing on a public network. A town I use to live in currently provides free wifi with some sort of portal. At first I wasn't able to ssh, rdp, nothing, but I was able to surf. Somehow after a few sites I got redirected to the usage agreement. I accepted and then was able to rdp, ssh, etc. Their using OpenDNS for their DNS server's however I left DNS to auto and even set it to manual using google's DNS servers.

The issue is, some site's were blocked via OpenDNS content filtering. I ssh'd back home using a socks proxy, but somehow the same sites were still blocked by OpenDNS? How is this? RDP was fine back home, but I don't understand if I'm using a proxy via ssh how can any standard http site be blocked?

Link to comment
Share on other sites

I have set up webserver with phproxy to get trough firewalls and content filtering.

I have Apache server with php and self created ssl cert.

And phproxy. Then when i want to heve secure access I go to my dyn dns address and have a proxy with ssl.

If you set ssh running on non standard port such as 80 or 443 you can almost always be able to ssh back home.

Link to comment
Share on other sites

i would do exactly what Jarmo suggested, set up your own proxy server with Apache, SSL and PHProxy or Glype. And use it to bypass any blocked website you want.

Now when you used SSH did you create a dynamic sock or port?

If you are not sure, what I mean watch this hak5 segment.

http://www.hak5.org/episodes/episode-614

Link to comment
Share on other sites

Sounds like your SSH proxy was not setup properly, and you were still using their settings. The other option is to manually override OpenDNS one of two ways. Either add alternate DNS servers in your NIC configuration so you don't use OpenDNS, or logon to the OpenDNS site from the location you are at, add the current IP listed they give you, and set the settings you want.

The second, probably a grey area as to the legality, but if you use OpenDNS at home and have an account with them, and logon from a site that uses the service, I'm not sure what will happen, but might be able to add sites you want to allow. Problem is whether or not this is considered illegal since you have a legit account with them, but happened to login to it from a remote IP that also uses the service, which will take priority over the others settings, I'm not sure. Consult the local laws before attempting this though, as its probably not the smartest thing to do.

Edited by digip
Link to comment
Share on other sites

@ Jarmo,

That sounds like a plan. I think i will try to do that tonight. Is there an available tutorial for proper config for that setup?

@ infiltrator,

I used dynamic port 7070 as mentioned in a post sometime ago by digip. I've used that same setup and config for about 2 years now I cant remember what thread it was in. This setup has always worked fine until now.

I set the web browser to use socks proxy port 7070 after I'm connected via ssh and ipchicken is correct with my home ip.

@ digip

I did enter googles dns servers in the nic config. I've never really messed with any configuration of opendns other then just adding their servers in the nic config. The ssh setup im using is one you suggested in a thread a few years ago i just can't remember what it was called. You mentioned creating a batch file and openssh.

Thanks guys. I think i will try what Jarmo suggested as it something new for me to play with.

Link to comment
Share on other sites

Well there are some guides installing apache with php and configuring ssl certs.

If you have a spare computer or laptop laying around, you could install http://www.turnkeylinux.org/lamp turnkeylinux lamb. Its Ubuntu 10.04, which will configure itself when installing. It will create all apache2 configs with ssl cert. Really easy, I recommend it.

Then just download PHProxy and copy it to servers websites folder.

Then you just need to forward ports your using to that server.

If your using linux as your main OS you can install apache etc. to it.

Then you just need to configure it.

Or install turnkeylinux lamb to virtualbox and copy configfiles there.

Edited by Jarmo
Link to comment
Share on other sites

What you need in order to set up a proxy server are:

Apache

http://apache.org/

SSL

http://www.openssl.org/

PHP

http://php.net/

and PHProxy

http://sourceforge.net/projects/poxy/

Installing Apache is the easiest part, download it and run the installer.

For the php installation part, here is a tutorial.

http://www.thesitewizard.com/php/install-php-5-apache-windows.shtml

Once php is installed you will need to install SSL

http://onlamp.com/pub/a/onlamp/2008/03/04/step-by-step-configuring-ssl-under-apache.html

Once SSL is configured and running, unzip the phproxy files in the Apache HTTPdocs directory.

And test it out to make sure it all works. Good luck! If you need any help let me know.

Edited by Infiltrator
Link to comment
Share on other sites

What you need in order to set up a proxy server are:

Apache

http://apache.org/

SSL

http://www.openssl.org/

PHP

http://php.net/

and PHProxy

http://sourceforge.net/projects/poxy/

Installing Apache is the easiest part, download it and run the installer.

For the php installation part, here is a tutorial.

http://www.thesitewizard.com/php/install-php-5-apache-windows.shtml

Once php is installed you will need to install SSL

http://onlamp.com/pub/a/onlamp/2008/03/04/step-by-step-configuring-ssl-under-apache.html

Once SSL is configured and running, unzip the phproxy files in the Apache HTTPdocs directory.

And test it out to make sure it all works. Good luck! If you need any help let me know.

Will definitely do. Thanks alot guys. I have heard of phproxy many times and wanted to play with it. Now is the time.

Thanks :)

Link to comment
Share on other sites

Will definitely do. Thanks alot guys. I have heard of phproxy many times and wanted to play with it. Now is the time.

Thanks :)

FYI,

There is also Glype but it's a lot slower than Phproxy.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...