If you would like to browse the web without revealing your actual IP address to the websites you visit, you can use SSH to set up a SOCKS proxy server.
Many web browsers, e.g. Internet Explorer, Mozilla, etc., can be configured to use a SOCKS proxy server. Other network applications which support the SOCKS protocol can also be configured to route their communications through a SOCKS proxy server.
By tunneling the SOCKS connections through an SSH connection, though, you can encrypt network traffic between the applications using SOCKS on your client system and the SOCKS proxy server so that others on the same network as your client system can not observe the traffic.
To set up a SOCKS server tunnel with SSH, issue the command ssh -ND
n user@server where "n" is the port number you wish to use and
"user@server" is a userid for your account on "server", which is an SSH
server. For instance, ssh -ND 1080 jsmith@abcd.com would
establish a SOCKS proxy server on
TCP
port 1080 on the SSH server abcd.com where you are logging in with the account
jsmith. When you issue the command, you will be prompted for the password for
the jsmith account. After you enter the password, you won't get a shell
prompt from abcd.com, but you should then be able to configure your web
browser to use the SOCKS proxy server running on abcd.com on port 1080. Port
1080 is the default port for the SOCKS protocol, but you can use any port
(it will have to be a port above 1024, if you are not the root user). For
instance ssh -ND 5555 jsmith@abcd.com would work just as well.
You simply have to specify the selected port when configuring the applications
that will use the SOCKS connection, such as your web browser. When the SOCKS
proxy server is set up on abcd.com, only you will be able to use it through
your tunneled SSH connection.
Configuring Browsers to Use SSH SOCKS Proxy Server
Internet Explorer 6.0
Firefox 2.0
Mozilla 1.7
If you want to verify that your web browser is now routing its communications through the SOCKS proxy server you can go to a website that will show the IP address websites are seeing for your system. For instance, www.showmyip.com will show your IP address. It should now show the IP address of abcd.com.
When you want to stop routing your browsers communications through the SOCKS proxy server, you can simply revert to the previous browser configuration.
Note: though your browser will now be receiving content from websites you visit
through the SOCKS proxy server running on abcd.com and transmitting any input
you provide to those websites through the SOCKS proxy server also, your
client system, i.e. the system on which you ran the ssh -ND 1080
jsmith@abcd.com will still be looking up IP addresses for the websites
you visit through the DNS servers specified on the client system when the
SOCKS version 4 protocol is used. E.g., if
you run the ssh command from mypc.mycompany.com, if you visit www.xyz.org, any
content on the website www.xyz.org will be encrypted
between the client system, mypc.mycompany.com and the SOCKS server, abcd.com,
so no one else at mycompany.com will be able to observe the traffic using
a sniffer. All that any
network administrator will know is that you have a connection to abcd.com.
However, mypc needs to translate the name www.xyz.org to its IP address. So
mypc will need to query a local name server, e.g. mycompany.com name servers,
to perform that translation. So someone sniffing traffic from/to mypc would
see it perform a lookup of the IP address for www.xyz.org.
I've found this procedure works when the SSH server is running OpenSSH, even OpenSSH for Windows. It also worked when I tried connecting to a Sun Solaris 2.7 system running Sun_SSH_1.1.
References:
-
SOCKS
Wikipedia -
Tunnel Everything through SSH
By Julius Plenz
March 2, 2006
