This article was originally published on August 30, 2010, so it may be somewhat out of date, although I think it is still mostly relavent.
I recently did a presentation at the Kitchener Waterloo Design Meetup called, “How to Hack a Website”. Although it focused on SQL injections and cross-site scripting, at the end of the presentation I discussed network sniffing and password stealing, using tools like Cain & Abel or Wireshark.
One of the ways to protect oneself against network sniffing when using a public network (maybe work, school, coffee shop or airport for example) is to tunnel your web browsing through SSL (Secure Socket Layer) by way of SSH (Secure Shell). With an SSH tunnel not only are you nearly fully protected against a network sniffing attack, you can also bypass website blocking policies.
The first step to setting up an SSH tunnel is to have an SSH server installed on a home computer. If you use OSX or Linux, you likely have an SSH server already installed. On Windows machines, it’s simply a matter of installing OpenSSH or I prefer MobaSSH. I’ve had far better experiences with it and it works quite well on Windows 7.
However, for an SSH server, I’ve found my Atom based Hackintosh to be an incredibly reliable system. In fact, I’ve removed the chipset fan and it just stays on and is incredibly quiet.
If you have OSX and want to use if for your SSH server, click the Apple icon in the top left of your desktop and go to your preferences->Sharing window and then simply enable Remote Login.
Once you have an SSH server going, make sure that it is accessible from outside your LAN. For my setup, in order to make something accessible from the outside, I have to open up a port on my router’s firewall (and if applicable, on my computer’s firewall).
Open port 22 on your firewall(s).
Now you’re ready to get your laptop or netbook or whatever you’re using setup with putty.
Download Putty from here.
When you first open Putty, make sure that:
In the Category list, select Connection -> SSH -> Tunnels
In the Tunnels configuration:
Click the Add button
Go back to the Session screen
Type in your home SSH server ip address or domain name if
you have one.
At this point you can click the “Save” button to save this
setup (if you’d like).
Click the “Open” button and login.
Now, open Firefox, and go to the Options menu.
In the advanced -> Network tab of the options menu,
Click “Settings…”
Now in the Connection Settings dialog:
To verify that your ip address is that of your home machine now, I usually go to http://www.whatismyip.org
Done! You are now securely surfing through SSL via your
home SSH server, bypassing any policies setup on the local network.
If your linux shell is /sbin/nologin, by default Putty will close the connection immediately once it is established. In Putty, under Connection -> SSH, set “Don’t start a shell or command at all.”
Using OSX, Linux or running some sort of Cygwin toolkit, you can skip Putty altogether and simply use the command line. To setup an SSH tunnel via the ssh terminal command, simply type the following in a terminal window:
ssh -D 127.0.0.1:8080 <ssh_server_ip_address>
The above command sets up an SSH tunnel via port 8080 to the SSH server host. I would then use 8080 as the SOCKS host port in Firefox network configuration.
Other SSH Tunneling software includes