Noob question about securing IM traffic/Firefox at work.

[KRS 0N3]

I am at work and they just bought new software and are sniffing the network. I don't know exactly what they are sniffing but I don't want conversations with my friends or "friends" ;) ending up on a screen somewhere else. The obvious thing would be to use encrypted im clients like Trillian, which I use, but I have friends that aren't savvy and don't' want to download something else just to talk to me. Plus they may be on a different client. That or just not talk at work but sometimes it's the only time with schedules to talk.

I was wondering if there is a simple way to open an encrypted connection to my house, relay my im traffic to my home computer then have it bounced to the correct destination from there. Any help would be appreciated.

[Blue Dragon]

A VPN is what you are looking for. I think the guys covered it in one of their episode. You can set up your Windows XP Box at home as a VPN Server and connect to it from your work computer. It's really simple. For other OSs theres OpenVPN and other apps.

You could maybe also use an SSH-tunnel, but I don't really know how to set it up so that only the IM traffic gets send through it. The guys showed how to use SSH to secure VNC in one episode. Maybe the same method could be used for IM.

[KRS 0N3]

It was like episode 4 of season one or something. I just didn't know if there was a simple program I could run at one end to just encrypt the traffic being sent by an IM client and have it boucned off a server at home. I'll try the VPN + SSH and see how it works.

Thanks

[SomeoneE1se]

a VPN is not what you want, SSH and a tunneling client it what you should be looking at for this a VPN would be over kill.  Also have you tried asking IT what they are doing, or not doing anything at work you don't want them to see.  And any of this becomes pointless if they have monitering software already install on the computer.

[KRS 0N3]

Its not on the computers themselves. Just on the network. The guys in my dept have total, within reason, control of our computers. Install what we want and so forth. They are monitoring traffic to websites, bandwith, with the capability to monitor IM traffic. Which really isn't that hard. But I just don't want my conversations under someone else's eye that I don't know about. I'm not doing anything wrong, I just want my privacy when it comes to my IMs.

[Sparda]

Unless you control the network, assume no privacy.

Things such as PGP and the like can help, but using GPG over the Internet with out any 'specialized' software is not possible.

[nicatronTg]

would this help at all?

[Sparda]

would this help at all?

If they are doing the 'monitoring' correctly they would blacklist TOR node IP addresses. The main reason to monitor Internet usage is to spot where computers have been infected, and stopping TOR seals off another line of malware communication.

"What ever you can do the slow the bad guys down is good." (or some thing to that effect)

-- Paul Dot Com

[nicatronTg]

would this help at all?

If they are doing the 'monitoring' correctly they would blacklist TOR node IP addresses. The main reason to monitor Internet usage is to spot where computers have been infected, and stopping TOR seals off another line of malware communication.

"What ever you can do the slow the bad guys down is good." (or some thing to that effect)

-- Paul Dot Com

Well that stinks, but couldn't you just find a smaller onion routing system and use that?

[moonlit]

TOR is useless for privacy, not only does it mean that you can be monitored on your own network still but it also means that half the internet can watch your traffic too. TOR includes no encryption, it exists purely to pump your traffic through a selection of random nodes sprawled across the internet so it's harder to see where you are.

I'd likely choose an SSH tunnel, as has already been suggested. Either set one up on your home machine or find a server somewhere you can use.

[uber_tom]

As an administrator of a finicial institution, i have to say i would be a lot more concerned about encryped traffic (especially a VPN) than i would about someone using a chat client.

n.b for 'a lot more concerned' read 'Really pissed off'

(not that i didn't do such things myself before i got this position :))

i'd stick with the SSH tunnel, it'll draw alot less attention.

[KRS 0N3]

Open SSH and Putty FTW.

I ran Open SSH on my home computer and run putty at work and my IM traffic is good to go. I sniffed the network and couldn't read anything so I know it works. Pretty simple setup really. Thanks guys.

[Diverge]

another alternative that I really like is WinSSHD.  I use it at my job to tunnel all my browser traffic, and any programs that can utilize a socks5 proxy over a SSH tunnel.  And you could always use a program like freecap to force most programs to use the socks5 proxy. 

Works great for me, you can even have server and client side port forwarding once the tunnel is secure. . .  so i can log into the client pc (my work pc) from the sever pc (home pc), and remotely use my work PC with VNC remote desktop w/o having to utilize open ports or bother with firewalls (since it's all over the tunnel).

hxxp: www. bitvise. com/winsshd. html

[DingleBerries]

You might want to try Pidgin with "Off the Record Messaging" plugin and i know there is an RSA plugin available somewhere. here is a link to the plugins pidgin supports:

http://developer.pidgin.im/wiki/ThirdPartyPlugins

Here are the links to the afore mentioned plugins.

http://pidgin-paranoia.sourceforge.net/

http://pidgin-encrypt.sourceforge.net/

[KRS 0N3]

But that only works with other people with Pidgin right? My problem was that I don't have people that use one client. I have friends on MSN, Yahoo, AIM. Some use the native clients and a few use either Trillian and pidgin. A couple use aimexpress. So there wasn't any consistency to be able to have a secure connection between them. My main concern was just protecting the traffic at work. So I just needed a secure connection from here to my house.

[VaKo]

VPN or SSH tunnel, but a VPN might/proball will cock up your network access to work resources unless your careful. Personally I would go and talk to the network admins and see what they are looking for and if monitoring IM conversations is something that they would be doing as part of the offical network monitoring policy. If that is a no-go, just get yourself a smart phone and use that instead.

[KRS 0N3]

The SSH Tunnel is working flawlessly right now.

[Joerg]

To improve security I recommend using asymetric (public/private keys) system. There are masses of bots outside just waiting to own a non-well protected system :)

[drowbot0181]

TOR is useless for privacy, not only does it mean that you can be monitored on your own network still but it also means that half the internet can watch your traffic too. TOR includes no encryption, it exists purely to pump your traffic through a selection of random nodes sprawled across the internet so it's harder to see where you are.

I'd likely choose an SSH tunnel, as has already been suggested. Either set one up on your home machine or find a server somewhere you can use.

Directly for the Tor Project website:

To create a private network pathway with Tor, the user's software or client incrementally builds a circuit of encrypted connections through relays on the network. The circuit is extended one hop at a time, and each relay along the way knows only which relay gave it data and which relay it is giving data to. No individual relay ever knows the complete path that a data packet has taken. The client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can't trace these connections as they pass through.

The packets ARE encrypted and the main vulnerability is in the end node. I personally have used a portable version of Tor along with Privoxy and Portable Firefox to surf to my hearts content at work. Yes, they will see that traffic is coming from your PC, but they won't know what or where it goes.

[operat0r_001]

https://meebo.com

[Sparda]

I defeat your SSL with my SSL decrypting proxy.

[Jeeves]

It seems like this issue is taken care of already but THIS is a thought as well if you have the ability to install something on your computer. Enjoy!

[KRS 0N3]

Thanks for the extra replies but Cygwin and SSH has worked for me. It took me awhile to get my RSA keys figure out and implemented but has paid off in the end. I have all my IM, browser, and thunderbird traffic routed through it.

Meebo seems like an awesome alternative for my non savvy friends.