The Ethical Hacker Network

Latest Additions

Who's Online

EH-Net News Feeds

Latest Additions

Thegmandrive

Newbie

Offline

Posts: 40

SSH Tunnel

« on: April 27, 2009, 07:20:56 PM »

Question for you all

I have set up an ssh connection to one of my servers via the command
ssh -D 8080 -f -C -q -N myuser@myserver.com I then set my SOCKS manually (in this case in safari settings) to localhost port 8080

I checked to make sure my browser was tunneling by going to (Whatsmyip) and the Ip address that is showing up, is of course my web server address.

Here is my question.

With my connection tunneled I know that my passwords and sites I visit are kept private to anyone "listening" however. Say I do not own the server I am connected to. Can the people who own the server monitor my browsing history/download history/ passwords etc.


	Logged

jimbob

Guest

Re: SSH Tunnel

« Reply #1 on: April 28, 2009, 05:01:47 AM »

Hi,
That's a good question. The encrypted tunnel protects the data being carried across the network from eavesdropping. What it does not do is protect the end points. What does this mean? Basically if you are sending unencrypted traffic is can potentially SSH does not defend against it being sniffed from either end of the tunnel.

The remote server will be decrypting your web traffic and spitting it back out onto the Internet and so information can be gathered on the server about your surfing habits. You don't need admin privileges for example to run `netstat` on the server to see what connections are being made.

Another thing to consider is other information your computer transmits when you are surfing the web. If you point your web browser to a local SOCKS proxy then the DNS queries you make to resolve web site host names will not be sent out over the secure tunnel. You might not be able to see the content of the sites you are visiting but you will be able to determine the names of the sites.

Regards,
Jim


	Logged

Thegmandrive

Newbie

Offline

Posts: 40

Re: SSH Tunnel

« Reply #2 on: April 28, 2009, 11:45:52 PM »

I have Firefox set to fix the DNS problem. Whats the safest way to tunnel then? I head encrypting your traffic on a public wifi network would be a good idea. Is there another way to encrypt the traffic? Privoxy maybe?


	Logged

jimbob

Guest

Re: SSH Tunnel

« Reply #3 on: April 29, 2009, 05:34:49 AM »

It all depends on what you are trying to achieve. If you are seeking privacy from eavesdropping on your network then the SSL tunnel works fine. If you want to anonymise your traffic consider Tor (http://www.torproject.org/). There are lots of other VPN solutions out there that will encrypt your traffic and the best one for the job again depends on what you want to achieve.

Jimbob


	Logged

Thegmandrive

Newbie

Offline

Posts: 40

Re: SSH Tunnel

« Reply #4 on: April 29, 2009, 01:34:48 PM »

Thanks for the information Jimbob, gives me some things to research. Thanks again for your replies


	Logged

Ketchup

Hero Member

Offline

Posts: 1006

Re: SSH Tunnel

« Reply #5 on: April 29, 2009, 02:19:57 PM »

BTW, this technique (SSH tunnel) is great for bypassing content-filtering proxies.


	Logged

~~~~~~~~~~~~~~
Ketchup

Thegmandrive

Newbie

Offline

Posts: 40

Re: SSH Tunnel

« Reply #6 on: April 29, 2009, 06:25:12 PM »

True that, I have websense at work.... and I figured out one of there open proxies. However that is against company policy and I don't want to get fired... I'm afraid when my boss comes to my desk and see's me watching youtube video's he might be wondering how I did that

Peace.