Are you trough a firewall and you cannot use some applications because you have the ports blocked?
Anyway, whatever the reason is, this s a very good practice for the security. If need to use Internet Explorer, FireFox, Opera to check your bank account or you need to send private data and you want to be sure this data won’t be sniffed in the way, expecially if you are connected in a public WiFi hotspot.
With this procedure you can make a tunnel between your computer and a remote computer, for example your home computer.
It works like this: You securely connect to your home computer, and your home computer connects to the bank, but you don’t notice it, because it seems you are directly connected to the internet.
What you need…
- A “home” computer with an SSH account, internet and the possibility to login to this account from remote.
- The computer or laptop from which you need to extablish the tunnel
For example, you are renting a room in an apartment, you are paying for the internet, but your neighbour is blocking the http 80 port so that you cannot use your browser, but other applications are working?
That’s good… you need at least one port open to exit in the interntet, the same port is the port to which you need to configure the SSH server in your home computer.
- For example, you have blocked the port 80 because when you try to surf te web you are redirected to some other page or you are asked for a password?
- Can you telnet to remote ports, for example 22, 555….?
If yes you can go on…
In your home computer:
- Configure the SSH in your home computer with a port to which you can connect from the outside
- You need to know your IP address, to get it go to: http://showmyip.com
In your remote computer:
- Download putty from here
- If for example the SSH port you are going to connect to is 888 and the IP address of this SSH server is 127.17.77.190 create a new txt file with only this content: putty -D 8080 -P 888 -ssh 127.17.77.190, of course if the port or the ip address is different, change it with the right ones.
- Give to this file the name that you want and the extension must be .bat
- Put this file in the same folder as the putty executable downloaded from the internet.
- Double click on the .bat file, and check if it connects. If you are connected, type your login and password.
NOW THE TUNNEL IS ESTABLISHED
Your Internet Explorer, FireFox or Opera if they were not working before, they not working now as well, so:
- Go on the connection settings and set the following:
In FireFox go to Tools –> Options –> Advanced –> Network
FireFox Settings
Select Manual proxy configuration
SOCKS Host: localhost Port: 8080
SOCKS v5
No Proxy for: localhost, 127.0.0.1
Now your browser is connecting to your home computer with a secure connection, if somebody sniffes the packets, they are encrypted and unusefult for the “hacker”…. but…
They can still check what web sites you are surfing… if you want the TOTAL privacy you should use FireFox and do the following.
- Type about:config on the address bar… of course, press ENTER
- You are now in the configuration panel of FireFox, look for network.proxy.socks_remote_dns
- Set this value to True
Before activating this settings all the DNS requests were still processed by your originary internet, for example the unsecured WiFI… From now on all the DNS requests are sent via SSH secure connection, so your home computer will send the request for the address-ip resolution.
You can apply the same settings for other applications like eMule, Skype…
If you liked this guide and it was useful for you, please donate me something, even 1 dollar can help me a lot.
Write your comments or ask your question in the forum
Any question? You need our FAST help? Go to our forum and as for FREE!
2:28 am on April 13th, 2009
nice job! school can never block facebook again!
11:39 am on April 13th, 2009
hahaha, you are great
Come to our forum and ask if you need something 
12:23 am on June 21st, 2009
[...] If you are using a proxy, you have to pay attention because the traffic can be encrypted, but probably the DNS requests are not and your internet provider has a track of the websites/connections you made. When you use proxies, you need to redirect to the proxy also the DNS requests… I have written a guide for SSH tunnels, but it will be very useful for you if you have a Linux Server abroad. The guide is here: http://www.security-exchange.net/news/ssh-tunnel-connect-using-a-remote-internet-conncetion/. [...]