MattLestock.com

Thoughts from your friendly neighborhood technologist.


Setup an SSH SOCKS proxy!

For episode 416 of HAK5, I showed how easy it really is to tunnel all kinds of traffic from HTTP, FTP, and more over a secure SSH SOCKS proxy.

Some of you may be thinking to yourself… “HOLY CRAP WHAT ARE THESE TERMS?!”  And I’m here to assure you that it’s going to be OK! Really it is.

What you’ll need

  • An SSH server to act as your proxy.
    Simple enough really!  If you’re using Windows I highly recommend freeSSHd.  If you’re on a Mac check out this page for instructions on how to enable remote logon.  Linux users, you should know how to do this. 😉
  • An SSH client on the computer you’re using.
    Mac and *nix machines have SSH built right in at the command line. Windows users can do like I did in the episode and download plink (available here).  There are other people out there that will recommend Cygwin, but for this purpose, it’s really overkill.

How proxies work

In a nutshell, what you’re doing with a proxy is setting up a middle-person (no not a pineapple, but close) between you and the internet. Using the proxy, your browser hands off web page requests to the proxy server, which handles the request and fetches the page for you from the internet. The web site actually thinks the request is coming from the proxy server, not your computer, which is a good way to obscure your originating IP address.

Additionally, the connection between your computer and the proxy happens over SSH, an encrypted protocol. This prevents Wi-Fi sniffers from seeing what you’re doing online.

Start your SSH tunnel

So you’ve got your SSH server set up at your house or workplace. Great! To connect to it we’re going to set up a local proxy server on the client that you’ll be browsing the internet from, which will then “tunnel” web traffic from your local machine to the remote server over SSH. The command to run on your Linux / Mac client in a terminal window is:

    ssh -ND 9999 you@example.com

For Windows it’s as simple as browsing to the directory you saved plink to and running:

    plink.exe -N -D 9999 you@example.com

Of course, you’re going to replace the you with your username on your SSH server and example.com with your server domain name or IP address. What that command does is accept requests from your local machine on port 9999 and hand them off to your server at example.com for processing.

When you execute either of those commands, you’ll be prompted for your password.  After you authenticate, nothing will happen. The -N tells ssh not to open an interactive prompt, so it will just hang there, waiting. That’s exactly what you want.

Set Firefox to use SOCKS proxy

Once your proxy’s up and running, configure Firefox to use it. From Firefox’s Tools menu, choose Options, and from the Advanced section choose the Network tab. Next to “Configure how Firefox connects to the Internet” hit the “Settings” button and enter the SOCKS information, which is the server name (localhost) and the port you used (in the example above, 9999.)

Save those settings and hit up a web page. When it loads, visit http://www.ipchicken.com to see if it’s using your remote SSH server to tunnel traffic.  If it is, GOLDEN!
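What the browser sends to the listener on localhost:9999, shown as an added example (not code from the original post or the episode): ssh -D speaks SOCKS, and this Python check performs the SOCKS5 handshake by hand to confirm the tunnel can reach a destination. The function names are hypothetical, and it assumes the tunnel from the post is running on port 9999, which ssh binds to the loopback address by default.

```python
import socket
import struct

# SOCKS5 (RFC 1928) greeting: version 5, one method offered, 0x00 = no auth.
GREETING = b"\x05\x01\x00"

def build_connect_request(host: str, port: int) -> bytes:
    """CONNECT request using ATYP 0x03 (domain name), so the SSH server
    resolves the name and no DNS query leaves the local network."""
    name = host.encode("idna")
    if not 1 <= len(name) <= 255:
        raise ValueError("hostname must be 1-255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack("!H", port)

def parse_reply(reply: bytes) -> bool:
    """True if the proxy reports success (REP == 0x00) in a SOCKS5 reply."""
    if len(reply) < 2 or reply[0] != 0x05:
        raise ValueError("not a SOCKS5 reply")
    return reply[1] == 0x00

def recv_exact(sock: socket.socket, n: int) -> bytes:
    """Read exactly n bytes or fail if the proxy hangs up early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf

def check_tunnel(dest_host, dest_port=80, proxy=("127.0.0.1", 9999), timeout=5.0):
    """Return True if the local SOCKS listener can reach dest_host:dest_port."""
    with socket.create_connection(proxy, timeout=timeout) as s:
        s.sendall(GREETING)
        if recv_exact(s, 2) != b"\x05\x00":   # server must accept "no auth"
            return False
        s.sendall(build_connect_request(dest_host, dest_port))
        return parse_reply(recv_exact(s, 4))  # VER, REP, RSV, ATYP

if __name__ == "__main__":
    # Assumption: the ssh -ND 9999 tunnel is already up on this machine.
    print("tunnel ok" if check_tunnel("example.com") else "tunnel failed")
```

A client that resolves names itself and sends an IPv4 address (ATYP 0x01) still issues DNS queries on the local network; in Firefox the "Proxy DNS when using SOCKS v5" option controls this.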

If you feel there’s something I’ve missed, hit me up here (http://www.mattlestock.com)

PS: Remember that you’ll need to open your firewall a bit by cracking open port 9999 on your local machine and port 22 on your server for SSH.

Hak5 Shownotes for Episode 414

Hey guys, here’s my notes for the Webmin / Usermin segment I did on episode 414 of HAK5.

Talking about making your life easier if you’re a Linux system admin, I demonstrated the great and free tools Webmin and Usermin, available from http://webmin.com/

Here’s a great screenshot of visual iptables editing.

IPTable Editor

Installing the package is as easy as rpm -i webmin-1.441-1.noarch.rpm
Once installed, go to https://yourserver.com:10000 and log in with a user like root.
After you’ve logged in you can just start clicking through the menus and see what you can do with this great piece of software.

During the show I explained how to create custom commands and deploy them to users with the webmin addon (http://webmin.com/usermin.html).

If you have any questions, feel free to post a comment or send me an email: matt [at] hak5 [dot] org

FW Builder

Hey everyone, time for your weekly update on the segments we feature on Hak5.

This week I took a look at FWBuilder. An absolutely great tool for managing firewall policies in a slew of different devices.
Here’s a little blurb from the official website.

“Firewall Builder is a GUI firewall configuration and management tool that supports iptables (netfilter), ipfilter, pf, ipfw, Cisco PIX (FWSM, ASA) and Cisco routers extended access lists. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations.”

To be honest with you, FW Builder is quite a bit more powerful than some of the other firewall management systems I’ve used in the past. I will be following the progress of this system and have already made a request to include Juniper firewall policy support.

Find more info about FW Builder at http://fwbuilder.org

Spiceworks 3.1

Here’s a quick blurb on the Spiceworks segment which was in Hak5 episode 402.

Existing features include:

  • Help desk system
  • Run and edit your own reports on a huge variety of asset data
  • Ping, Traceroute, and run Remote Control against a computer
  • Compare workstation configurations with each other
  • Index and monitor Event Log entries and other stats
  • Fully integrated help & user-community based forums
  • Automatic discovery of Windows, Linux, Mac and SNMP based devices
  • Manual asset addition (not limited to network devices)
  • Inventory software license keys of many popular applications
  • Attach documents and custom notes/attributes to any asset
  • Determine your complete network inventory at a glance; view distribution of hardware vendors, servers, software installations and more

Some new features to whet your appetite:

  • Microsoft Exchange monitoring – keep track of your heavy mailbox hitters and Exchange services
  • LDAP integration – Allow your users to login with their Active Directory credentials while submitting a help desk ticket
  • Asset groups – organize your assets into logical containers
  • Service providers – Add important dates, phone numbers and other contact information pertaining to your service providers (contractors, ISPs, web-hosting, etc.)
  • Revamped user navigation interface
  • Share reports with other Spiceworks community members

Remember that Spiceworks works best on a corporate computer installation where you either have a Windows domain, or a master user / password installed on your boxes.

You can find more info at http://www.spiceworks.com


© 2019 MattLestock.com
