home Mail List
Info
Info
Meetings
Goals
Upcoming
Projects
FAQ
Security
Links
[Date Prev][Date Next] [Chronological] [Thread] [Top]

[NMLUG] ssh and proxy

You're a systems admin's worst nightmare ;-)  That's cool it worked out for
you that way.  I'll have to agree about squid, it's got a bunch of knobs.  

On Fri, Apr 02, 2004 at 11:31:26AM -0800, Tim Emerick wrote:
> Just wanted to report my success story.  Someone was looking to see if I could get this working for their own security purposes.
>  
> After fruitlessly trying to setup a socks proxy I finally decided to bite the bullet and install squid.  My experience with squid has been that it has so many options that it boggles my mind.  So I wanted to try EVERYTHING else before i tried squid.
>  
> Squid _almost_ worked right out of the box.  Since my debian box is behind a router I had to add the visible_hostname option.  Started up squid and tried it out.
>  
> I installed Mozilla Firefox on my work WinXP PC, pointed all of the proxy settings to localhost:3281 (squid default) except socks proxy.  Added a tunnel to putty.exe for 3128 and voila!!!
>  
> http, https, and ftp work like a charm.  I can use MS IE6 for everything else that corporate has me doing and when I need to get a driver (which is usually in taiwan) or look at some linux pages (which are usually european) I can just fire up putty/firefox and browse to my hearts content.
>  
> The security settings for squid are fairly lax but I didn't give it much concern since my home router does not forward port 3128.  The only way to reach squid is either in my home network or tunneling in via ssh.
>  
> I would like to thank this group for supporting my seemingly moronic questions in the past.  I've been able to learn quite a bit about Linux from you folks and this is just another example.
>  
> Tim Emerick
> 
> Paul Tietjens <paul.tietjens@moriarty.k12.nm.us> wrote:
> Tim Emerick wrote:
> 
> >Hey gang. I'm trying how to bypass my corporate firewall using ssh. Here are the details:
> > 
> >Draconian corporate MS Slaves have blocked all ports except common web ports (21/80/443). They've also blocked all non-us IP addresses. As you know most linux development is outside the US.
> > 
> >I've been able to get an SSH session up by having my router at home do a port translation from port 21 to 22 then forward to my home linux machine. I don't have an FTP server so this solution works great. I can get to the command line on my home machine and run lynx to lookup tech stuff without the "help" of the corporate firewall. Lynx is a bit of a pain so now I would like to do graphical browsing.
> > 
> >I'm using putty to ssh into my linux (debian/unstable) box at home from my windows(XP Pro) box at work. I think I want to do X11 port forwarding but I don't quite know what/where I should be looking to accomplish this. What do I need to have setup on my windows box in order to run a web browser through the ssh tunnel?
> > 
> >Is there another alternative?
> > 
> >Thanks for any pointers
> > 
> >Tim Emerick
> >
> >Do you Yahoo!?
> >Yahoo! Mail - More reliable, more storage, less spam
> > 
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >NMLUG mailing list
> >NMLUG@nmlug.org
> >http://www.nmlug.org/mailman/listinfo/nmlug
> > 
> 
> 
> ---------------------------------
> Do you Yahoo!?
> Yahoo! Small Business $15K Web Design Giveaway - Enter today
> _______________________________________________
> NMLUG mailing list
> NMLUG@nmlug.org
> http://www.nmlug.org/mailman/listinfo/nmlug


-- 

James Hamilton
Southwest Cyberport
http://www.swcp.com
505-232-7992
Please send sugestions and comments to webmaster@nmlug.org.
Valid XHTML 1.1! Valid CSS! Powered by Debian Powered by Apache