Crimson Rider
Guru
Joined: 23 Jun 2003
Posts: 462
Location: Delft, the Netherlands
|
 Posted: Wed Jul 12, 2006 1:10 pm Post subject: SSH, did I pierce the firewall? |
 |
|
Hey guys,
First of, the following is white-hat. I am asked to try and do what I am describing.
The questions are:
Did I pierce the firewall?
Am I untraceable?
The following setup is in place.
| Code: |
+=====+ +============+
| Box |----LAN----| HTTP Proxy |----> Internet
+=====+ +============+ |
This setup is supposed to keep browsing on the workstation Box under control. Sites are logged and some are not allowed. Also it's possible that people are monitored. MSN, ICQ and all are forbidden.
I used the following method to try and circumvent this
| Code: |
+=====+ +============+ +=============+
| Box |----LAN----| HTTP Proxy |----> Internet <----| Squid Proxy | --> Internet
+=====+ +============+ +=============+
| |
+---------------- Putty SSH - Port Forwarding -----------+ |
On the box, I start a Putty SSH session over the HTTP proxy to connect to the squid proxy. Then, I configur Putty to forward port 127.0.0.1:9090 to the Squid Proxy box, wich has a Squid proxy running. The Squid proxy is a box under my complete control on a public IP.
Then using the 127.0.0.1:9090 setup, I can make FireFox go to forbidden sites, and using the Proxy function in Gaim I can use ICQ and MSN.
I think I pierced the firewall. But did I do it so that people can't see where I am going? Is it anonimized?
_________________
Code, justify, code - Pitr Dubovich |
|
Networking & Security
