PDA

View Full Version : So You Want to Run Your Own (SOCKS) Proxy, ね?



klange
December 1st, 2009, 09:25 PM
Well, you've come to right tutorial!

What is SOCKS?
SOCKS is a networking tunnel protocol developed in the 90s to facilitate communication through a firewall. The idea is that it captures everything - both TCP and UDP - from "SOCKSified" applications and pipes it through a tunnel out to an endpoint. There are a number of implementations of SOCKS, but the one we'll be using allows any computer running sshd (secure shell) to be a proxy server.

So what is SSH?
SSH, or Secure SHell, is a remote command line that you can find in any UNIX-based system - Linux, OS X, BSD, etc. Solaris would be in that Etc., you should know this. But wait, I'm running Windows! There are plenty of SSH servers for Windows, but I personally recommend grabbing all of cygwin and installing OpenSSH for it. OpenSSH is the shit, and cygwin makes any Windows machine worth using.

Okay, so why would I want to do this?
Put simply, we can do lots of fun things with this little combination, the most basic of which is using any computer we have SSH access to as a proxy server for everything - web browsing, instant messaging, even games (though Steam is a bitch and doesn't like being SOCKS'd...). I'm sure you've all been in a situation where access to certain websites has been blocked. This is a fast, super-secure and super-easy way around that!

So how is this different from all those proxy servers on the Internet?
It's different because, unlike HTTP proxies, no one in their right mind would ever block SSH. Ever. In fact, in most secured and firewalled environments, SSH is one of the few things that is always explicitly available. Why? Because it's secure and used by every last server administrator out there. Consider it the Bill of Rights of the Internet: The Right to SSH. It's also different because you have control of the endpoint.

And how do I set this up?
First you need a server running the ssh daemon. This is most typically your home machine. It also helps to have a domain name set up with it, especially if your IP changes often. I won't explain that process here. Next, get OpenSSH server running. With the cygwin stack, your normal username and password can be used to authenticate with SSH. Finally, you'll need a client. On anything UNIX, just use `ssh`; on Windows, get PuTTY. PuTTY is awesome and has the required features we need.

Let's assume our server back home is example.com and our username is Bob. On UNIX-like OSes, we do this:

ssh -D 1080 Bob@example.comSee that -D 1080? That says "host a SOCKS server on port 1080". Port 1080 is the standard for SOCKS. Note that you'll be prompted for a password unless you know what you're doing and set up your SSH server with fancy things like key authentication.

To do this from PuTTY, see this tab:
http://thinkhole.org/wp/wp-content/images/putty-tunnels.gif
(Just use 1080 for the port...)

Now we start up our browser, set its proxy settings for "SOCKS 5", server "localhost", port "1080", and viola, all of our traffic through our browser goes through our proxy! I recommend getting a plugin like FoxyProxy so you can easily turn the proxy connection on and off for Firefox (it's also available for Thunderbird if you want to proxy your mail).

You can also forward anything else using a SOCKSifier like WideCap (http://www.widecap.com/).

Tune in next week when I'll explain to you how to do all of this over DNS packets, effectively getting you free Internet at airports and hotels.

Con
December 1st, 2009, 10:26 PM
There are plenty of SSH servers for Windows, but I personally recommend grabbing all of cygwin and installing OpenSSH for it. OpenSSH is the shit, and cygwin makes any Windows machine worth using.
Finally, you'll need a client...on Windows, get PuTTY. PuTTY is awesome and has the required features we need.
Can you explain to a noob like me what the differences between these are? You didn't go into much depth here.. why do I need cygwin, OpenSSH, and PuTTY, and what do they all do exactly?

edit: also, how and from where can I use this?

klange
December 1st, 2009, 11:53 PM
Can you explain to a noob like me what the differences between these are? You didn't go into much depth here.. why do I need cygwin, OpenSSH, and PuTTY, and what do they all do exactly?

edit: also, how and from where can I use this?
PuTTY is a portable ssh client for Windows. You stick it on a USB stick and take it with you to school, etc. or keep it on your laptop.

OpenSSH is the server (and UNIX client), and the best way to run an SSH server on Windows is through OpenSSH running under Cygwin. Cygwin is a UNIX stack for Windows. You install it from a file server using `setup.exe` (google cygwin, you'll find it) and while installing you select additional packages. One of them is "OpenSSH (Server)".

You need a remote machine, preferably an externally-visible desktop or a personal server with SSH running (if you have a fancy-ass hosting account some where, you may have ssh access to it, poke around, it'll save you some time) to connect to. This connection will almost never be blocked if you can get to the Internet at all.

Dwood
December 2nd, 2009, 06:23 PM
What if I have Solaris + Apache?

klange
December 2nd, 2009, 06:59 PM
What if I have Solaris + Apache?
Solaris has SSH. You're done.
e: assuming you have a default setup, which should come with the server enabled. If not, search your package repositories.
e: and if this is your client machine, I pity you.

Dwood
December 2nd, 2009, 07:23 PM
Solaris has SSH. You're done.
e: assuming you have a default setup, which should come with the server enabled. If not, search your package repositories.
e: and if this is your client machine, I pity you.

Yes, I use Apache and Solaris as my client machine. </sarcasm>

klange
December 2nd, 2009, 07:35 PM
Yes, I use Apache and Solaris as my client machine. </sarcasm>
All of my portable machines run Apache :-3

Dwood
December 3rd, 2009, 05:17 PM
All of my portable machines run Apache :-3

Yeah, I used vi for the essay I typed up yesterday... beat that.

klange
December 3rd, 2009, 05:22 PM
Yeah, I used vi for the essay I typed up yesterday... beat that.
I use Nano for all of my homework and write everything in TeX. I'm not a fan of vim.

Kalub
December 5th, 2009, 12:00 AM
VI is gay shit.... god damn weird controls. Anyways, I'm waiting for this free internet thing... hury the fuck up Bacon and get it done.

klange
December 5th, 2009, 12:28 AM
VI is gay shit.... god damn weird controls. Anyways, I'm waiting for this free internet thing... hury the fuck up Bacon and get it done.
Next week, Kalub, next week. Luckily, I already have this one typed up, so it won't turn into "Write your own forum"...

Kalub
December 5th, 2009, 07:27 PM
So why do you make me wait, are you communist or something?

klange
December 5th, 2009, 07:28 PM
So why do you make me wait, are you communist or something?
Don't bring my political ideals into this.
:gnu:

Vicky
December 5th, 2009, 08:58 PM
Wait... is it 1998 again?

Dwood
December 5th, 2009, 09:39 PM
Wait... is it 1998 again?

1999.

Kalub
December 6th, 2009, 10:19 AM
It's been a week my time, where the fuck is the update. Thanks.

klange
December 6th, 2009, 01:10 PM
It can't possibly have been 24 * 7 hours "your time", "your time" doesn't even affect the passage of a week. I posted on a Tuesday night, so I'll post the next segment on a Tuesday night.

Kalub
December 6th, 2009, 08:27 PM
Today is Wednesday. I see no update.

Kalub
December 12th, 2009, 05:56 PM
You will update this soon.

klange
December 12th, 2009, 07:20 PM
You will update this soon.
Heh? This tutorial is done. It was done when I hit the submit button.

Kalub
December 12th, 2009, 11:58 PM
Oh fuck now I see, you're wasting space by not putting relative shit in the same thread.