|
methoxy
Hi, I'm Methoxy.


Registered: 06/23/08
Posts: 197
Last seen: 6 years, 20 days
|
Encrypt all your traffic and bypass firewalls using SSH tunneling
#11929565 - 01/30/10 01:03 PM (14 years, 3 months ago) |
|
|
Instructions: 1) Get a Linux (or UNIX) shell account on a dedicated or VPS server Some places sell shells for as low as $2 a month. Some may not allow SSH tunneling. 2) Go to PuTTY download page 4) Part of the PuTTY package is a program called PLINK - Download it 5) Open cmd.exe and CD to the directory where PLINK is, or put it in your %systemroot%\SYSTEM32 6) Run this: plink -D 6969 your_username@linux.server.com (Where linux.server.com is the hostname or IP of your shell account) 7) Enter your password when prompted. 8) Minimize CMD.EXE and leave it running at all times.
For Windows 7 / Vista users.. Click Start and type "Internet Options" in the box. Click the "Connections" tab. Select LAN Settings. Under "Proxy Server" select "Use a proxy server for your LAN" (this is only if you are using a LAN and not a dialup, for dialup, set it up otherwise). Click Advanced. Remove all the hostnames for HTTP, Secure, FTP, and only put "localhost" port 6969 for SOCKS.
For Windows XP you have to download a program called "ProxyFirewall" which is free. Search Google for it, you basically tunnel outgoing connection through localhost:6969 over SOCKS.
It's pretty straightforward, if you have any questions just post here and I'll try to answer them.
All your connections/data is encrypted using triple DES, the same protocol for https:// connections. It becomes unencrypted past your shell account. So LEO or people snooping your local LAN wont be able to intercept your data as easy. This should also work for filesharing.
Testing the functionality: Visit www.whatismyip.com. Your IP address should be the IP address of your Linux Shell Account.
Edited by methoxy (01/30/10 05:57 PM)
|
fastfred
Old Hand



Registered: 05/17/04
Posts: 6,899
Loc: Dark side of the moon
|
Re: Encrypt all your traffic and bypass firewalls using SSH tunneling [Re: methoxy]
#11936153 - 01/31/10 02:37 PM (14 years, 3 months ago) |
|
|
Why do you think that's any safer than anything else?
Your IP is still going to be tied to the shell account you pay for. It's no harder for LEO to get that info than your ISP info.
Why would you do all this when you can just use TOR and be 50X more secure?
-FF
|
Aiko Aiko



Registered: 05/13/05
Posts: 6,426
Loc: Lazy River Road
Last seen: 10 hours, 18 minutes
|
Re: Encrypt all your traffic and bypass firewalls using SSH tunneling [Re: fastfred]
#11936455 - 01/31/10 03:39 PM (14 years, 3 months ago) |
|
|
I used to uae TOR but it became extremely slow. Is it any better these days?
-------------------- Easily test the dosage of your tabs at home! qtests.org Man says, "God, show me and I will believe." God says, "Believe and I will show you."
|
nooneman


Registered: 04/24/09
Posts: 14,714
Loc: Utah
|
Re: Encrypt all your traffic and bypass firewalls using SSH tunneling [Re: Aiko Aiko]
#11936586 - 01/31/10 04:07 PM (14 years, 3 months ago) |
|
|
Triple DES has been broken, so don't count on that securing anything. As mentioned, your name and IP are tied to your VPS account, so that's also worthless. Things like TOR are the only way to have any kind of relative security. Still, your ISP probably knows everything you're doing, and they probably have logs. The problem is that most encryption is worthless.
Edited by nooneman (01/31/10 04:07 PM)
|
Alan Rockefeller
Mycologist


Registered: 03/10/07
Posts: 48,392
Last seen: 2 days, 23 hours
|
Re: Encrypt all your traffic and bypass firewalls using SSH tunneling [Re: fastfred]
#11943308 - 02/01/10 04:58 PM (14 years, 3 months ago) |
|
|
Quote:
Why do you think that's any safer than anything else?
One extra layer of protection does help. Encrypting all your outbound traffic is a real good thing, especially if you are at work, are under investigation or are using someone else's wireless.
Quote:
Your IP is still going to be tied to the shell account you pay for. It's no harder for LEO to get that info than your ISP info.
Use someone else's wireless.
Quote:
Why would you do all this when you can just use TOR and be 50X more secure?
Tor is 50x slower. Tunneling web connections over ssh is almost as fast as not encrypting at all.
Quote:
Triple DES has been broken, so don't count on that securing anything.
SSH supports many different ciphers, and many have not been broken.
Quote:
As mentioned, your name and IP are tied to your VPS account, so that's also worthless
Not necessarily, perhaps you can get a shell account from someone cool.
Quote:
The problem is that most encryption is worthless.
Not at all true. Almost any encryption will foil law enforcement 99.9% of the time. A good encryption scheme like AES or twofish will foil law enforcement 100% of the time.
The cops don't actually sit there and try to crack encryption. Its just not what they do, and they don't know how anyway. They will bust you for what they can bust you for, and the encrypted stuff remains safe.
There are usually enough loose ends that they don't need to crack the encryption. Concentrate on those and trust the encryption.
|
Anonymous #1
|
Re: Encrypt all your traffic and bypass firewalls using SSH tunneling [Re: Alan Rockefeller]
#11944075 - 02/01/10 06:50 PM (14 years, 3 months ago) |
|
|
the problem with encryption, is that your virtual memory is probably not encrypted.
this is how they bust kiddie pron rings. cops kick down the door, and copy the ram, temp disks and everything else that evades encryption to find evidence.
then they lie to you during questioning saying they have everything on you, and unless you talk you're going to jail for life (obviously they have nothing on you). then you spill to them and practically hand them an easy conviction.
as for Tor, the department of injustice in the US has the most exit nodes in the world so they can snoop on all the traffic. ssh is good, and shell accounts can easily be paid with stealth credit card info from giftcards or virtual visas
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 3 months, 8 days
|
Re: Encrypt all your traffic and bypass firewalls using SSH tunneling [Re: Anonymous #1]
#11946348 - 02/02/10 05:45 AM (14 years, 3 months ago) |
|
|
> and shell accounts can easily be paid with stealth credit card info from giftcards or virtual visas
Stealth credit cards, etc, don't prevent the shell host provider from recording the times and IP addresses that you connect from. If LEO is serious, and if you are 'static' (i.e. using a paid service that can be subpoenaed), they will track you down.
-------------------- Just another spore in the wind.
|
fastfred
Old Hand



Registered: 05/17/04
Posts: 6,899
Loc: Dark side of the moon
|
Re: Encrypt all your traffic and bypass firewalls using SSH tunneling [Re: Seuss]
#11947400 - 02/02/10 11:45 AM (14 years, 3 months ago) |
|
|
Quote:
as for Tor, the department of injustice in the US has the most exit nodes in the world so they can snoop on all the traffic.
Anybody know more about this?
|
Alan Rockefeller
Mycologist


Registered: 03/10/07
Posts: 48,392
Last seen: 2 days, 23 hours
|
Re: Encrypt all your traffic and bypass firewalls using SSH tunneling [Re: fastfred]
#11947739 - 02/02/10 01:10 PM (14 years, 3 months ago) |
|
|
Quote:
Stealth credit cards, etc, don't prevent the shell host provider from recording the times and IP addresses that you connect from. If LEO is serious, and if you are 'static' (i.e. using a paid service that can be subpoenaed), they will track you down.
Unless you hack the server and change the IP address records.
Quote:
as for Tor, the department of injustice in the US has the most exit nodes in the world so they can snoop on all the traffic.
I have never heard that before, but since anyone can run an exit node it makes sense.
|
methoxy
Hi, I'm Methoxy.


Registered: 06/23/08
Posts: 197
Last seen: 6 years, 20 days
|
Re: Encrypt all your traffic and bypass firewalls using SSH tunneling [Re: fastfred]
#11947753 - 02/02/10 01:12 PM (14 years, 3 months ago) |
|
|
Maybe go on IRC and find some random kid that will add you to his box?
Also I would worry about Ettercap, this tool can be used on any switced network at any ISP to sniff and intercept plaintext packets. It can also log encrypted packets, which may be crackable.
Apparently AES 256bit is the best encryption you can configure SSHD to use.
-------------------- But Jimi was feeling good - he'd shared some LSD with a friend, Herbert Worthington, who sat and watched him from the side: 'Jimi started singing "Spanish Castle Magic" and I was high, I was so happy, probably one of the happiest times of my life, being with an Angel [Jimi] and having a woman on each arm. I just went into an LSD laugh.' Jimi looked over to Herbert, realised that he too was peaking out on acid, tried to say something to Herbie, but it wouldn't come out. - Jimi Hendrix "Electric Gypsy"
Edited by methoxy (02/02/10 01:48 PM)
|
|