Michael Mayhew

Archive for September, 2009

Use SSH as a Proxy Server

by on Sep.16, 2009, under Linux, Technology

Not many people know you can easily create a SOCKS proxy with your SSH session, point your browser to it and browse securely on any network.

There are many different situations this may be handy:

  • You could be on a public network and not want your web traffic visible to snoopers.
  • You could be on a computer that doesn’t have direct access to the Internet but have SSH access to an Internet accessible computer.
  • You could be at work and not want your web traffic monitored. AKA: Firewall Avoidance.  I, of course, am not promoting firewall avoidance but it is definitely a possibility with SSH.

Now let’s get down to how you do this:

Windows

I’m assuming you already know how to SSH using PuTTY.  If you need help with this, leave a comment and I’ll provide more detail.

In PuTTY, go to Connection -> SSH -> Tunnels.  Type any number in the ‘Source port’ text field.  I like using 9999 myself.  Then select the ‘Dynamic’ radio button.  Then click Add.

That’s the only change you need to make before connecting to your SSH host.  Now when you connect, you can use port 9999 locally as a SOCKS proxy.  I’ll explain how to use this after the Linux section.

Linux

Again, I’m assuming you already know how to SSH from command line.  All you have to do is add “-D <port>” to your SSH command.  If you were going to use port 9999 as your local SOCKS proxy, your command may look like:

ssh -D 9999 username@hostname

Once you connect, you will have a SOCKS proxy running locally on your specified port.

OK, Now What?

So now you have the SOCKS proxy running locally.  You can point your browser, IM client or any application that has SOCKS proxy support. Here are a few examples:

Internet Explorer: Tools -> Connections -> LAN Settings -> “Use a proxy server [...] ” -> Advanced -> SOCKS

Firefox: Edit -> Preferences -> Advanced -> Network -> Settings -> Manual proxy connection -> SOCKS Host

Pidgin (gaim): Tools -> Preferences -> Network -> Proxy type -> SOCKS 5

If you poke around other applications you’ll find many support a SOCKS proxy and many do not.

Tips:

Even when using a SOCKS proxy, most applications will do DNS resolution before going through the proxy.  Many applications have settings for this.  In Firefox type “about:config” in the url bar and find the following setting”network.proxy.socks_remote_dns” and change it to true.  In Pidgin, there is a checkbox for “Use remote ..”

In Linux, if you are getting a permission issue, you must use a port higher than 1024 as the SOCKS proxy unless you are root

Please post any questions in the comments area, and I’ll address them ASAP!

Leave a Comment :, , , , , , more...

Android: Google’s Mobile OS

by on Sep.13, 2009, under Android

I’m a big fan of Google’s Android mobile OS.  It allows a lot more flexibility and freedom over the iPhone OS.  T-mobile is also a lot more “hacker friendly” by allowing apps for rooted (hacked) phones in their Market which is equivalent to the iPhone’s App Store.

A few key features that puts the Android OS over the iPhone, IMHO, is removable storage, ability to install 3rd party applications, open source,  3g tethering and running apps in the background.

But to get the full potential out of your Android device, you may want to consider “rooting” it.  This gives you full root (administrative) access to the device.  This allows custom ROM images, customer boot loaders and custom applications.

With Cyanogen’s custom ROM you get several custom features as well as a heavily optimized kernel that will speed up your device.  With Cyanogen’s ROM, I’ve moved my applications to an ext2 partition on my SD card.  I’ve also moved the cache for internal applications to the SD card.  This free’s up internal memory, allows more capacity and speeds up the device. Cyanogen’s ROM also provides enhancements to the browser as well as other internal applications.

For the true geek’s out there, you can run a full Debian distro on top of the phone’s OS.  There is also a free tethering application that will tether your 3g connection over Bluetooth or Wifi.  The Wifi aspects still blows my mind.  It basically turns your phone into a WEP-enabled Wifi access point that multiple devices can connect to.  The app gives out DHCP addresses and will even do MAC address access control.

I’ll leave you with a few links:

Root Your Android Device In 1 Click.

xda-developers.com: The Best Source On The Net For Android Hacking

Cyanogen’s Rom: The Best Custom Rom For Your Rooted Android Device

Run Debian On Your G1

Please leave any questions in the comment section and I’ll address them.

Leave a Comment :, , , , , more...

First!

by on Sep.12, 2009, under General

This being my first blog post I feel I should tell you something about myself.  I’m a Systems Engineer for BBVA Compass.  I manage all Internet facing systems such as Online Banking.  I’m also a graduate Student at UAB working on my Master’s Degree.

This blog will not be for everyone but if you are a technology nerd with conservative-leaning libertarian political views, you’ll probably enjoy it very much.

If we aren’t already connected on LinkedIn, Facebook or Twitter, feel free!

Leave a Comment :, more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Archives

All entries, chronologically...