Re: Tunneling misc questions.

From:
Date: 10/28/02


Date: Mon, 28 Oct 2002 15:35:11 GMT

Magnus wrote:
> Hi all.
>
> I just wanted to ask a few things. I tried to look for the FAQ, and I
> think I found it, but please accept my apologies in case my questions
> have already been answered.
>
> Ok. So, I want to set up an SSH-based tunnel from my computer at
> work, to a computer outside, to carry primarily HTTP traffic, and
> maybe some other stuff too (like VNC or X).
>
> This is how I figured it:
>
> workstation -[SSH]>-- firewall --<[SSH]- outside machine --- whole Net
>
> (workstation probably running PuTTY)
>
> That is, I'm not looking to set up only one connection for just VNC or
> just mail, I want to hide my surfing from any snooping proxies, etc.
>
> Now, getting out should not be a problem. If it is, I should be able
> to get a HTTP tunnel working. My main concern is with the "outside
> machine". How much special configuration will I need to get my HTTP
> requests out from that machine to the rest of the world? Any? A lot?
> Would I need to install a HTTP proxy on that machine?
>
>
> Also, do any of you have any experience in setting up this kind of
> thing on a Freesco box as the outside machine? I already have one I
> can use, and it would be neat to do just that.
>
>
> Now I should probably say something like "I'm not going to use this to
> violate company policy, for cracking, porn surfing, MP3s.." etc, like
> some people do, but you wouldn't know if I did anyway, would you? So
> I won't.
>
>
> Magnus

This is easy and I do it all the time. For my purposes I use Junkbuster
as my http proxy at home. This is not necessary, but I use it to clean
the ads from my surfing.

I have junkbuster listening on an internal ip address on port 8000, so
my ssh syntax is (simply):
   ssh user@server -N -L 8000:internal_ip:8000

I point my browser's proxy at localhost:8000 (which is the first 8000
above) which will proxy my session to junkbuster listening on the
internal_ip 8000.

If you want to tunnel to your isp's pop server, add:
   -L 110:isp_pop_server_ip:110

If you want to tunnel to your isp's usenet server, add:
   -L 119:isp_nntp_server:119

The -N option in the ssh syntax is just for port forwarding and doesn't
open up a shell on the remote ssh server. It's up to you to use.

If you want a generic socks4 proxy, ssh will do that as well:
   ssh -D 5555 user@server

Then point your browser/whatever to localhost:5555. This is as simple
as it gets.
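
How the forwarding options in the reply above are interpreted, as an added example that is not part of the original post: it parses the -L, -R and -D specs of an ssh command line and reports which end opens the listener, on which address, and where the traffic goes. The names describe_forwards and split_spec are hypothetical; the loopback default assumes OpenSSH behaviour with no -g option and GatewayPorts left off.

```python
import shlex

# Which end of the SSH connection opens the listening socket for each option.
LISTENER = {"-L": "client", "-D": "client", "-R": "server"}
WILDCARD = {"", "*", "0.0.0.0", "[::]"}  # bind addresses meaning "all interfaces"

def split_spec(spec):
    """Split a forwarding spec on ':' but keep bracketed IPv6 literals whole."""
    parts, buf, depth = [], "", 0
    for ch in spec:
        depth += (ch == "[") - (ch == "]")
        if ch == ":" and depth == 0:
            parts.append(buf)
            buf = ""
        else:
            buf += ch
    return parts + [buf]

def describe_forwards(command):
    """Return one dict per -L/-R/-D option found in an ssh command line."""
    argv, found, i = shlex.split(command), [], 1
    while i < len(argv):
        flag, spec = argv[i][:2], argv[i][2:]
        if flag in LISTENER:
            if not spec:                       # "-L spec" rather than "-Lspec"
                i += 1
                if i >= len(argv):
                    raise ValueError(f"{flag} needs an argument")
                spec = argv[i]
            parts = split_spec(spec)
            want = 1 if flag == "-D" else 3    # fields without a bind address
            if len(parts) not in (want, want + 1):
                raise ValueError(f"bad {flag} spec: {spec}")
            bind = parts.pop(0) if len(parts) == want + 1 else None
            found.append({
                "flag": flag,
                "listens_on": LISTENER[flag],
                "port": int(parts[0]),
                "bind": "loopback (default)" if bind is None else bind,
                # Requested on all interfaces; for -R the server decides.
                "exposed": bind in WILDCARD,
                "target": "dynamic (SOCKS)" if flag == "-D" else f"{parts[1]}:{parts[2]}",
            })
        i += 1
    return found

if __name__ == "__main__":
    # Constructed command line combining the options from the post above.
    for fwd in describe_forwards("ssh user@server -N -L 8000:internal_ip:8000 -D 5555"):
        print(fwd)
```

A forward reported with "exposed" set to True is one whose listener other hosts on the network can connect to, which is worth checking before leaving a tunnel running.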


