home Mail List
Info
Info
Meetings
Goals
Upcoming
Projects
FAQ
Security
Links
[Date Prev][Date Next] [Chronological] [Thread] [Top]

[NMLUG] ssh and proxy

Just wanted to report my success story.  Someone was looking to see if I could get this working for their own security purposes.
 
After fruitlessly trying to setup a socks proxy I finally decided to bite the bullet and install squid.  My experience with squid has been that it has so many options that it boggles my mind.  So I wanted to try EVERYTHING else before i tried squid.
 
Squid _almost_ worked right out of the box.  Since my debian box is behind a router I had to add the visible_hostname option.  Started up squid and tried it out.
 
I installed Mozilla Firefox on my work WinXP PC, pointed all of the proxy settings to localhost:3281 (squid default) except socks proxy.  Added a tunnel to putty.exe for 3128 and voila!!!
 
http, https, and ftp work like a charm.  I can use MS IE6 for everything else that corporate has me doing and when I need to get a driver (which is usually in taiwan) or look at some linux pages (which are usually european) I can just fire up putty/firefox and browse to my hearts content.
 
The security settings for squid are fairly lax but I didn't give it much concern since my home router does not forward port 3128.  The only way to reach squid is either in my home network or tunneling in via ssh.
 
I would like to thank this group for supporting my seemingly moronic questions in the past.  I've been able to learn quite a bit about Linux from you folks and this is just another example.
 
Tim Emerick

Paul Tietjens <paul.tietjens@moriarty.k12.nm.us> wrote:
Tim Emerick wrote:

>Hey gang. I'm trying how to bypass my corporate firewall using ssh. Here are the details:
> 
>Draconian corporate MS Slaves have blocked all ports except common web ports (21/80/443). They've also blocked all non-us IP addresses. As you know most linux development is outside the US.
> 
>I've been able to get an SSH session up by having my router at home do a port translation from port 21 to 22 then forward to my home linux machine. I don't have an FTP server so this solution works great. I can get to the command line on my home machine and run lynx to lookup tech stuff without the "help" of the corporate firewall. Lynx is a bit of a pain so now I would like to do graphical browsing.
> 
>I'm using putty to ssh into my linux (debian/unstable) box at home from my windows(XP Pro) box at work. I think I want to do X11 port forwarding but I don't quite know what/where I should be looking to accomplish this. What do I need to have setup on my windows box in order to run a web browser through the ssh tunnel?
> 
>Is there another alternative?
> 
>Thanks for any pointers
> 
>Tim Emerick
>
>Do you Yahoo!?
>Yahoo! Mail - More reliable, more storage, less spam
> 
>
>------------------------------------------------------------------------
>
>_______________________________________________
>NMLUG mailing list
>NMLUG@nmlug.org
>http://www.nmlug.org/mailman/listinfo/nmlug
> 


---------------------------------
Do you Yahoo!?
Yahoo! Small Business $15K Web Design Giveaway - Enter today
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.b9.com/pipermail/nmlug/attachments/20040402/cd2a29cb/attachment.htm
Please send sugestions and comments to webmaster@nmlug.org.
Valid XHTML 1.1! Valid CSS! Powered by Debian Powered by Apache