.

SSH Tunnel

<<

Thegmandrive

Newbie
Newbie

Posts: 43

Joined: Tue Feb 17, 2009 8:34 pm

Post Mon Apr 27, 2009 7:20 pm

SSH Tunnel

Question for you all :) I have set up an ssh connection to one of my servers via the command
ssh -D 8080 -f -C -q -N myuser@myserver.com   I then set my SOCKS manually (in this case in safari settings) to localhost port 8080

I checked to make sure my browser was tunneling by going to (Whatsmyip) and the Ip address that is showing up, is of course my web server address.

Here is my question.

With my connection tunneled I know that my passwords and sites I visit are kept private to anyone "listening" however. Say I do not own the server I am connected to. Can the people who own the server monitor my browsing history/download history/ passwords etc.
<<

jimbob

Post Tue Apr 28, 2009 5:01 am

Re: SSH Tunnel

Hi,
That's a good question. The encrypted tunnel protects the data being carried across the network from eavesdropping. What it does not do is protect the end points. What does this mean? Basically if you are sending unencrypted traffic is can potentially SSH does not defend against it being sniffed from either end of the tunnel.

The remote server will be decrypting your web traffic and spitting it back out onto the Internet and so information can be gathered on the server about your surfing habits. You don't need admin privileges for example to run `netstat` on the server to see what connections are being made.

Another thing to consider is other information your computer transmits when you are surfing the web. If you point your web browser to a local SOCKS proxy then the DNS queries you make to resolve web site host names will not be sent out over the secure tunnel. You might not be able to see the content of the sites you are visiting but you will be able to determine the names of the sites.

Regards,
Jim
<<

Thegmandrive

Newbie
Newbie

Posts: 43

Joined: Tue Feb 17, 2009 8:34 pm

Post Tue Apr 28, 2009 11:45 pm

Re: SSH Tunnel

I have Firefox set to fix the DNS problem. Whats the safest way to tunnel then? I head encrypting your traffic on a public wifi network would be a good idea. Is there another way to encrypt the traffic? Privoxy maybe?
<<

jimbob

Post Wed Apr 29, 2009 5:34 am

Re: SSH Tunnel

It all depends on what you are trying to achieve. If you are seeking privacy from eavesdropping on your network then the SSL tunnel works fine. If you want to anonymise your traffic consider Tor (http://www.torproject.org/). There are lots of other VPN solutions out there that will encrypt your traffic and the best one for the job again depends on what you want to achieve.

Jimbob
<<

Thegmandrive

Newbie
Newbie

Posts: 43

Joined: Tue Feb 17, 2009 8:34 pm

Post Wed Apr 29, 2009 1:34 pm

Re: SSH Tunnel

Thanks for the information Jimbob, gives me some things to research. Thanks again for your replies :)
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Wed Apr 29, 2009 2:19 pm

Re: SSH Tunnel

BTW, this technique (SSH tunnel) is great for bypassing content-filtering proxies. 
~~~~~~~~~~~~~~
Ketchup
<<

Thegmandrive

Newbie
Newbie

Posts: 43

Joined: Tue Feb 17, 2009 8:34 pm

Post Wed Apr 29, 2009 6:25 pm

Re: SSH Tunnel

True that, I have websense at work.... and I figured out one of there open proxies. However that is against company policy and I don't want to get fired... I'm afraid when my boss comes to my desk and see's me watching youtube video's he might be wondering how I did that :)

Peace.

Return to Wireless

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software