Monday, February 06, 2012

SSH Tunneling with puTTy and your browser

In this article we will discuss on how to tunnel using SSH / Secure Shell which can be used to hide your IP address or bypass firewalls at your school or office. SSH can also be used for forwarding TCP ports and x11 connections.

We will be using puTTy as our SSH client and it can be downloaded here. Follow this simple steps in order to cloak your IP address while you are surfing the net:

1. Run puTTy

2. Put the IP address of the SSH server that you want to use under Host name or IP Address Tab

3. Go to SSH tab >> Tunnels then put your desired port on the source port (In this example I will be using 9191 which we will soon put in the socks host port of the browser) then check Dynamic and click ADD.

4. Click Open then login with your username and password.

6. Configure your browser's network settings. Below are instructions for specific browsers that you have installed in your computer:

Mozilla Firefox: Tools > Options > Advanced > Settings > Manual proxy configuration.

Google Chrome: Options > Under the hood > Network > Change proxy settings > LAN settings > Use a proxy server > Advanced > HTTP.

Internet Explorer: Tools > Internet options > Connections > LAN settings > Use a proxy server > Advanced > HTTP.

Opera: Tools > Preferences > Advanced > Network.

7.  Insert this in your socks:

Socks Host port 9191(your desired port)

8. Click OK after you are done configuring your network settings.

Alright now we're all set! To check if you have successfully tunneled your IP address, click this. If you see the IP address of the SSH server that you put on your host then you have successfully configured your browser with your SSH server. Congratulations!

About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security.  He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.

ROOTCON is managed by like minded InfoSec professionals across the Philippines.  All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.