Ssl Tunneling


singh763173

Hi all!

So, I set up an OpenSSH server today and I am able to tunnel my network activity through it using PuTTY (Windows). But what I was wondering was, how can I send ALL my network activity through the tunnel?

I'm assuming that the local network still handles DNS requests? Is it possible to tunnel the DNS requests also?

Thanks for your help


You could use dynamic SOCKS for tunneling your traffic through SSH.

Here is a tutorial: http://dimitar.me/dynamic-port-forwarding-with-socks-over-ssh/


Thanks guys

infiltrator, that is what I am currently doing - I have set up a dynamic port in the Tunnels section of PuTTY and then use the SOCKS proxy localhost:port on my machine. But correct me if I'm wrong, does that leave DNS requests local? Or is that also resolved by the host end?

kuro - reading up on VPN over SSH now, thanks!

Yes, it will still be performing local DNS lookups. I know with Firefox you can set it to do DNS lookups remotely rather than locally.


You know what - I love this forum :)

I ran a quick search for Firefox Remote DNS and found that in the Firefox config, network.proxy.socks_remote_dns can be changed to true. You wouldn't happen to know how it works by any chance? From what I can see, it sends the request to the same SOCKS proxy that handles the HTTP requests?

So if network traffic is going through localhost:port, DNS will also..?

From what I've been reading, the application, in this case Firefox, when set to use network.proxy.socks_remote_dns, is forced not to do any local DNS lookups and is instructed to use the remote DNS instead.

Here is an article I found.

https://calomel.org/firefox_ssh_proxy.html

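What the setting discussed above changes on the wire, as an added example that is not part of the original thread: in SOCKS5 (RFC 1928) a CONNECT request carries either an already-resolved IP address or the hostname itself, and only the second form lets the far end of the tunnel do the DNS lookup. The function names and the resolver answer 192.0.2.10 are assumptions constructed for illustration.

```python
import ipaddress
import struct

SOCKS_VERSION = 0x05
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04


def build_connect(host, port, remote_dns, local_resolver=None):
    """Build the SOCKS5 CONNECT request a client sends for host:port.

    remote_dns=True  -> the hostname travels inside the request (ATYP 0x03).
    remote_dns=False -> the client resolves first (a DNS query on the local
                        network) and sends only the resulting address.
    """
    header = bytes([SOCKS_VERSION, CMD_CONNECT, 0x00])
    if remote_dns:
        name = host.encode("idna")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1-255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        ip = ipaddress.ip_address(local_resolver(host))
        atyp = ATYP_IPV4 if ip.version == 4 else ATYP_IPV6
        addr = bytes([atyp]) + ip.packed
    return header + addr + struct.pack("!H", port)


def parse_connect(request):
    """Decode a CONNECT request; return (resolved_by, destination, port)."""
    if len(request) < 7 or request[0] != SOCKS_VERSION or request[1] != CMD_CONNECT:
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp, body = request[3], request[4:]
    if atyp == ATYP_DOMAIN:
        size = body[0]  # one length octet precedes the name
        dest, rest, who = body[1:1 + size].decode("ascii"), body[1 + size:], "proxy"
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        size = 4 if atyp == ATYP_IPV4 else 16
        # An address here means any name lookup already happened client-side.
        dest, rest, who = str(ipaddress.ip_address(body[:size])), body[size:], "client"
    else:
        raise ValueError("unknown address type")
    if len(rest) != 2:
        raise ValueError("truncated or oversized request")
    return who, dest, struct.unpack("!H", rest)[0]
```

On the proxy side, an address type of 0x01 or 0x04 for traffic that began as a hostname means the name was looked up before it entered the tunnel.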

reading it now. Thanks for your help!

By the way, you should watch season 10 episode 12. Darren talks about how to default your local connections, if you were using a VPN or SSH connection.


If it's any help, I use StrongVPN.

I got it because

1. I can go around my school's firewall (which restricts EVERYTHING).

2. No MITMing me :)

Tunneling to my computer was OK, but I found StrongVPN to be much faster. Also, it's set up so all traffic runs through it with the click of one button. I do this even on my phone.

Maybe there are other good VPNs (even better/cheaper), but for how often I'm on unsecured networks, it's worth it for me.

My 2 cents


Just looked at StrongVPN. I'd rather not pay for a VPN when I can set up a free VPN server at home lol. SSH tunneling works better for me, purely because no software installation is required - PuTTY and Firefox both being portable.

But an option nonetheless!


If the programs don't allow a SOCKS proxy, I think there is something similar to Privoxy that will forward all your traffic through the tunnel. Privoxy might even be able to do it, but I'm not sure. I know there is another tool that does this, but I can't remember the name, and I think it's only a Windows-based program. In Linux, you can probably do some sort of port forwarding via iptables or such to get around it.

You might be thinking of FreeCap. I use a portable version on my Windows USB drive partition to launch other portable programs such as FileZilla or Thunderbird so that they use the SOCKS proxy of either an SSH or SSL tunnel I have established from the thumb drive. That, plus gateway and proxy discovery tools, has enabled me to tunnel any programs that don't use multiple simultaneous ports (such as old NetMeeting or unmodified Skype) out of the most restrictive of environments.
