Wednesday, December 8, 2010

How to Encrypt Your Internet Traffic

This is the coolest trick I learned while working at Blinkx. At the time, our management really hated when we go on any type of instant messaging applications. I also suspected that our messenger conversations and other internet activities were being monitored. I was pissed so this is what I did to combat their nosiness.

Open an SSH Tunnel to a Remote Machine

There are a couple ways you can do this (one through Putty and one through Cygwin). Personally I like the Cygwin method since it requires one command line. I will discuss the Cygwin method here.

  1. Download and install Cygwin. Make sure that you also install the ‘openssh’ and ‘vim’ packages.

  2. Open a Cygwin terminal

  3. In your home directory create a script called tunnel.sh
    vim tunnel.sh

  4. Place the following line into tunnel.sh
    ssh -x -2 -D 1000 <username>@<remote-machine>

  5. Make your script executable
    chmod u+x tunnel.sh

  6. Execute the script (enter your password to login to the box) and minimize the window (leave the        connection open)
    sh tunnel.sh

  7. For password-less login, you can setup SSH key authentication but this is optional


That’s it! Now you have an SSH tunnel to the remote SSH box on your localhost port 1000. All you have to do now is tell your applications to direct all traffic to that port.

Configure Internet Applications to Proxy Traffic Through Your Tunnel


There are two ways to get this done. One way is easy but it costs money. The other way is easy and 

time-consuming but it’s free. If you want to pay to do it the easy way, you can use programs like ProxyCap 

to handle all of your traffic routing. I’ve tried quite a few of these applications and I find that ProxyCap is 

the most powerful. ProxyCap lets you have multiple tunnels open and lets you tunnel specific traffic to any 

of the tunnels depending on IP or Application based rules. Even though this is the easier way to tunnel traffic, 

you won’t need to purchase this software if you are just tunneling an instant messenger and/or a web browser 

application.


Configuring Firefox to Use Your Tunnel

    	
  1. Go to Tools > Options > Advanced (button) > Network (tab) > Connection > Settings

    2. 	
  2. Configure your Proxy settings like the image below:
    <!--enpts-->Firefox Proxy Settings<!--enpte-->

    3. 	
  3. Click “OK” and you are set!




Testing Firefox Proxy


In the web browser, check that your IP is different from before you tunneled your traffic by using cmyip.

Configuring AIM to Use Your Tunnel

  1. Open AIM connection preferences

  2. Set the Proxy settings


<!--enpts-->Proxy Settings for AIM<!--enpte-->

Testing AIM Proxy

Shutdown your proxy tunnel and try to send a message to someone. Your AIM should now sign off once it realizes that I cannot send any traffic through port 1000.

Conclusion

You should now be able to enjoy the internet without having to worry about “Big Brother” monitoring your traffic. This is also useful when you are traveling and are using an public network to do secure transactions (e.g. financial transactions). The only thing that can be seen by a packet sniffer is just a bunch of SSH encrypted packets being sent to your remote machine. Sniffer applications will have no idea what the contents of the packets are and where their true destinations are.

from OMNINOGGIN
Posted by at
Labels: ,

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)