SSH Tunnel

Viewing 6 reply threads
  • Author
    • #3738

      Question for you all 🙂 I have set up an ssh connection to one of my servers via the command
      ssh -D 8080 -f -C -q -N   I then set my SOCKS manually (in this case in safari settings) to localhost port 8080

      I checked to make sure my browser was tunneling by going to (Whatsmyip) and the Ip address that is showing up, is of course my web server address.

      Here is my question.

      With my connection tunneled I know that my passwords and sites I visit are kept private to anyone “listening” however. Say I do not own the server I am connected to. Can the people who own the server monitor my browsing history/download history/ passwords etc.

    • #23941

      That’s a good question. The encrypted tunnel protects the data being carried across the network from eavesdropping. What it does not do is protect the end points. What does this mean? Basically if you are sending unencrypted traffic is can potentially SSH does not defend against it being sniffed from either end of the tunnel.

      The remote server will be decrypting your web traffic and spitting it back out onto the Internet and so information can be gathered on the server about your surfing habits. You don’t need admin privileges for example to run `netstat` on the server to see what connections are being made.

      Another thing to consider is other information your computer transmits when you are surfing the web. If you point your web browser to a local SOCKS proxy then the DNS queries you make to resolve web site host names will not be sent out over the secure tunnel. You might not be able to see the content of the sites you are visiting but you will be able to determine the names of the sites.


    • #23942

      I have Firefox set to fix the DNS problem. Whats the safest way to tunnel then? I head encrypting your traffic on a public wifi network would be a good idea. Is there another way to encrypt the traffic? Privoxy maybe?

    • #23943

      It all depends on what you are trying to achieve. If you are seeking privacy from eavesdropping on your network then the SSL tunnel works fine. If you want to anonymise your traffic consider Tor ( There are lots of other VPN solutions out there that will encrypt your traffic and the best one for the job again depends on what you want to achieve.


    • #23944

      Thanks for the information Jimbob, gives me some things to research. Thanks again for your replies 🙂

    • #23945

      BTW, this technique (SSH tunnel) is great for bypassing content-filtering proxies. 

    • #23946

      True that, I have websense at work…. and I figured out one of there open proxies. However that is against company policy and I don’t want to get fired… I’m afraid when my boss comes to my desk and see’s me watching youtube video’s he might be wondering how I did that 🙂


Viewing 6 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?