Tunnelling Internet traffic via external server

There are situations when we would like to encrypt our Internet traffic. One of those situation is when we use a public computer. Those computers are vulnerable to sniffing. This article will shed some light on this problem.

There is one prerequisite. You need access to a server. The article shows how to set up a small server on Raspberry Pi. If you have access to an another server this is still fine. The server should run Linux operating system and also run SSH server, however.

The procedure is rather straightforward. First of all, you have to connect to the server using a SSH client. Also you have to configure the SSH client to create a dynamic port. Secondly, you have to configure your Internet browser to use proxy based on SOCKS.

Windows target machine

The most common SSH client which is a very powerful tool is Putty. You can download it as a standalone application which does not need to be installed. When you start this application you have to enter the host name of the server and select a SSH connection as pictured below.

putty_hostname

After setting the address you have to configure the dynamic port. You can do this either before establishing connection or after.

putty_D1234

Here port number was set to 1234. After that you have to add the port and it will appear in the list in the window as D1234.

Linux target machine

To connect to a server via SSH you are going to need a ssh client. Simply in the terminal put

ssh [email protected] -D XXXX

This will connect to the server using LOGIN as username and XXXX as desired dynamic port. After invoking above command you will be prompted for your password.

Configuration of Internet browser

As reference the Mozilla Firefox has been used. Go to Tools or Edit depending on what kind of operating system you are using. After that go to Preferences->Advanced->Network->Connection->Settings and you will see something similar to this

firefox_D1234

As you notice the manual configuration has been chosen. There you enter the dynamic port number.

After that everything is configured and you can use dynamic SSH tunnelling. The main advantage of using dynamic SSH tunnelling is convenience and the whole traffic is encrypted. By filtering the network traffic you can only notice that the connection on selected port was established and there is data exchange.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.