Social security for getting on a large amount Beat The Cycle Of Debt Beat The Cycle Of Debt for an approved in addition questions.

Browse the Web Securely and Safely on Public WiFi – Encrypt your Traffic

Posted: February 26th, 2009 | Author: | Filed under: Linux, Tech | Tags: , , , , , , , , , , , , , | No Comments »

Whenever you are on a Public WiFi connection, you need to have your traffic encrypted so no one can snoop on what you are doing or poison your DNS/etc.   Since every wireless packet is broadcast over the open-air, anyone can snoop in on your traffic.  Unencrypted sessions can be captured and your precious passwords grabbed by the evil ‘Cracker’ (Cracker=Bad Hacker).  I briefly discussed this in a previous post when I was in Japan, but it’s time to provide a detailed howto because too many people are getting taken advantage of.

Prerequisites:
A linux box that you have public access to and a valid username
Windows, Linux, or Mac as your OS for the client machine

Windows:
1. Download PuTTY and save the .exe to your desktop
2. Make sure you have Firefox installed
3. Open PuTTY
4. Type in the address or hostname of your public Linux server that you have access to

ss-05-20090225-1516
5. Expand the +SSH option in the left-pane of the PuTTY program
6. Click on ‘Tunnels’
7. Type in 8888 for the Source port
8. Click on the ‘Dynamic’ radio button below
ss-06-20090225-1517
9. Click Add
10. Make sure it looks like my screenshot
ss-07-20090225-1517
11. Click on ‘Open’ and connect to your Linux server
12. Log in with your user and password
13. Once logged in, minimize your PuTTY Session and switch to Firefox
14. In Firefox: Click on ‘Tools’ at the top, then Options
15. Click on the Advanced tab
16. Click on the Network sub-tab
17. Click on Settings
18. Click the ‘Manual Proxy Configuration’ radio button
19. The line that says ‘SOCKS Host’ put ‘localhost’ and port ’8888′, SOCKS V5 below
ss-08-20090226-1248
20. Click OK

Now all of your TCP web traffic will run through the encrypted SSH tunnel to your Linux server, then go out to the internet.  Lets take it one step further and have your DNS lookups sent through the tunnel too.  :)

In Firefox:
1. In the address bar, type:     ‘about:config’ and hit enter (don’t include the ticks)
2. Hit OK, I know what I’m doing on the prompt
3. Search for DNS in the top field and click on the line that reads:
network.proxy.socks_remote_dns until it is set to ‘TRUE’
ss-09-20090226-1249
4. Type in ‘whatismyip.com’ in the address bar and see if it shows the IP of your Linux server’s Public IP and not the Public IP of the network you are currently on.  If you really want to see the magic happening, open up wireshark and watch the packets go by as you browse the web.  All SSH packets with the exception of UDP.

If you have any questions or help, leave a comment and I will assist.

Happy (Safe) Browsing!
–Gregg



Leave a Reply

  • ERROR: si-captcha.php plugin says GD image support not detected in PHP!

    Contact your web host and ask them why GD image support is not enabled for PHP.

    ERROR: si-captcha.php plugin says imagepng function not detected in PHP!

    Contact your web host and ask them why imagepng function is not enabled for PHP.