Whenever you are on a Public WiFi connection, you need to have your traffic encrypted so no one can snoop on what you are doing or poison your DNS/etc. Since every wireless packet is broadcast over the open-air, anyone can snoop in on your traffic. Unencrypted sessions can be captured and your precious passwords grabbed by the evil ‘Cracker’ (Cracker=Bad Hacker). I briefly discussed this in a previous post when I was in Japan, but it’s time to provide a detailed howto because too many people are getting taken advantage of.
A linux box that you have public access to and a valid username
Windows, Linux, or Mac as your OS for the client machine
1. Download PuTTY and save the .exe to your desktop
2. Make sure you have Firefox installed
3. Open PuTTY
4. Type in the address or hostname of your public Linux server that you have access to
5. Expand the +SSH option in the left-pane of the PuTTY program
6. Click on ‘Tunnels’
7. Type in 8888 for the Source port
8. Click on the ‘Dynamic’ radio button below
9. Click Add
10. Make sure it looks like my screenshot
11. Click on ‘Open’ and connect to your Linux server
12. Log in with your user and password
13. Once logged in, minimize your PuTTY Session and switch to Firefox
14. In Firefox: Click on ‘Tools’ at the top, then Options
15. Click on the Advanced tab
16. Click on the Network sub-tab
17. Click on Settings
18. Click the ‘Manual Proxy Configuration’ radio button
19. The line that says ‘SOCKS Host’ put ‘localhost’ and port ’8888′, SOCKS V5 below
20. Click OK
Now all of your TCP web traffic will run through the encrypted SSH tunnel to your Linux server, then go out to the internet. Lets take it one step further and have your DNS lookups sent through the tunnel too.
1. In the address bar, type: ‘about:config’ and hit enter (don’t include the ticks)
2. Hit OK, I know what I’m doing on the prompt
3. Search for DNS in the top field and click on the line that reads:
network.proxy.socks_remote_dns until it is set to ‘TRUE’
4. Type in ‘whatismyip.com’ in the address bar and see if it shows the IP of your Linux server’s Public IP and not the Public IP of the network you are currently on. If you really want to see the magic happening, open up wireshark and watch the packets go by as you browse the web. All SSH packets with the exception of UDP.
If you have any questions or help, leave a comment and I will assist.
Happy (Safe) Browsing!