Tunnel browser traffic through ssh with limited network access

November 6, 2017

I go to conferences and meetups quite a lot, and one thing I always encounter on those trips, is bad wifi or internet access. The “public” networks made available to visitors often limit network access to http(s) and e-mail. This means for instance that I can’t use my XMPP/Jabber chat. A second problem with those networks is that my e-mail provider blocks e-mail access because they think I’m in an unknown location and I’m an intruder. The third problem is that there often are other people snooping around on the network trying to see what they can intercept. This is how I solve those problems for myself:

I use TorBrowser to set up a connection to the Tor network. This works on those limited networks, because Tor can connect over http(s). Tor also starts a SOCKS5 proxy on port 9150 on my computer (it does that by default), which I can use to tunnel traffic trough the Tor network. This would already solve most of my problems, except that my email provider doesn’t trust Tor, and won’t let me connect over the Tor network. We need to go deeper.

Another solution would be to use SSH with its -D option to setup a connection to my VPS (which my email provider trusts) and again, make a SOCKS5 proxy available to my local system to connect to the internet over that SSH connection. That, however, doesn’t work because those public wifi networks don’t allow SSH connections. Let’s combine this with the TorBrowser step: I setup SSH to use the proxy that TorBrowser started by putting this in my ~/.ssh/config file:

ProxyCommand /usr/bin/nc -x 127.0.0.1:9150 %h %p

Then, I use ssh over that proxy and let it expose another proxy, to which I can connect my email client:

ssh -D 9999 user@server

Now I can make all my apps (e-mail, XMPP/Jabber, etc…) use the SOCKS5 proxy on port 9999 to connect to the internet. They will appear to connect from my VPS, but actually, they’re going over SSH, which runs over Tor. It’s tricky, but it fixes my problem!

Enjoy it!

Anonymity – Browse the web with more privacy

June 9, 2010

PLEASE: THIS POST IS VERY OUTDATED… SOME THINGS DESCRIBED HERE WON’T PROTECT YOU ANYMORE

Recently i visited www.whattheinternetknowsaboutyou.com, a site where you can see your complete browsing history… which means that -if they want to- THEY can see your browsing history too. That’s not too bad, you think? You know EVERY SITE can see that, and a few things more.

– your IP adress (so also your location on the planet)
– the site that directed you to that page (referrer)
– your complete web-browsing history
– the browser you’re using (in the user-agent string)
– the Operating System you’re using (in the user-agent string)

and that’s all no big deal really, it’s easy as 1-2-3. Now you say “so what? they don’t know who i am”. Exactly. They don’t. But they don’t need to know your name! The information they have right here is more than enough to uniquely identify you out of billions of other internet users. So don’t you think that’s concerning?

Anyway, IF you want a little bit of privacy on the web, here’s how i hid all these aspects in an easy way, using Ubuntu 10.04 and Firefox, combined with TOR, and a bunch of Firefox plugins.

STEP 1. Install TOR on Ubuntu. you find the how-to here – use ‘Option two’. By using tor in combination with Polipo(see step 2) we’re going to hide our location and ip adress.

STEP 2. Check if Polipo is installed on your Ubuntu system. (It was automatically installed during my TOR installation). if not, install it. Then go here – Download the Polipo configuration for TOR file (in step two), and follow the instructions in the same paragraph.

STEP 3. We’re going to install some add-ons in Firefox now. First is the ‘Torbutton‘. Without it, TOR doesn’t work with Firefox. go here – and install the add-on by clicking the green ‘+Add to Firefox’ button.

STEP 4. Install the ‘No referrer‘ add-on for Firefox here – this little tool is going to hide our referrer page.

STEP 5. Install the ‘User Agent Switcher‘ add-on for Firefox here – this tool switches our user agent so websites we visit can’t see that we’re using Firefox on Ubuntu (and more info..)

STEP 6. Install the ‘Adblock Plus‘ add-on fore Firefox here – this will block ads on webpages. We need that because ads tend to find around the tor software, and have our real ip and location compromised.

STEP 7. Quit Firefox, and do a complete restart of Ubuntu. Then restart Firefox. you’ll see that a bunch of pages opens because we installed the new add-ons. We need to do a few more things.

STEP 8. A page of Adblock Plus will be opened, asking to install a filter description. Choose one that seems ok to you. After that you can close the remaining pages.

STEP 9. choose another user agent. 'Tools' > 'Default User Agent' > 'Internet Explorer' > 'Internet Explorer 7' might be a good choice.

STEP 10. Click the green ‘R’ icon on the right bottom of your screen. In the menu that pops up check the box before ‘Don’t send referrers to any URL‘ and save.

STEP 11. Click the tor button on the right bottom of the screen to switch TOR on and off.

STEP 12. To disable the history leaking, just disable the history (in Firefox preferences), or choose ‘clear history when Firefox closes’. that way you won’t have much to worry about.

now you’re set. remember. for normal browsing, you don’t need to do all this 🙂 this is just for the paranoid. Still, try not to use the tor network, the user agent switcher and the referrer disabler when it’s not needed. these things were made to make the web better. some people just use them for the wrong purpose.

enjoy the privacy 🙂

regards
Toon