Encrypt all your packets with SSH tunneling
I presented this last night at myDEFCON #17 at 1st Floor, Northam Beach Cafe, Penang. During the past meetings, we’ve discussed and explored the art of wireless sniffing and man-in-the-middle attacks. This is my FREE solution to guard against those attacks.
Packets shouldn’t be travelling unencrypted over the network, especially over WiFi. You can secure yourself from sniffing by using this solution or a VPN.
I’ve set up a tunneling server on my old Pentium 3 box. It runs a base install of Ubuntu 5.04.
On it I’ve installed
I then added port forwarding on my router to point to my SSHd on port 22. I also enabled my DynDNS on the router so that it automatically updates their NS. With that done, the tunneling server is set.
For the client side, I used PuTTY, a free telnet/SSH client for Windows.

Here is where I define the ports to tunnel. I’ve mapped my local ports 1080 and 3128 to my tunneling server. 1080 will point to my SOCKS5 daemon and 3128 to Squid.
Once that’s done, you need to set your application’s proxy to point to those ports. To make life easier, use Tunnelier or FreeCap. I do it manually though.
With this solution in place, anyone sniffing within the network will not be able to know what you’re doing. They will only detect an encrypted connection to your tunneling server.
Try it out and let me know how it works for you.

Any info or guides to encrypt packets on windows? Would really appreciate it.
This method uses SSH tunneling, which is OS independent. You just need to find the right SSH, Proxy and Socks5 server for Windows to get them to work.
On Linux (or any *nixes), I encrypt my pop/smtp via ssh using
ssh -L 1101:mail.hackinthebox.org:110 -L 2525:mail.hackinthebox.org:25 -l mel mail.hackinthebox.org
and set Thunderbird to connect to smtp on localhost at port 2525 and pop on localhost at port 1101.
Same thing I do for my mails … only on Windows Thunderbird
Thanks for the comment man. Packets need to be encrypted at all cost
So when do the meetups happen? I happen to be in Penang too…
I’ve disbanded the group after about 2 years. It was due to inactivity, low attendance and lack of work contribution. In our heyday … we averaged about 15 pax each month. Plans are in the midst to revive the group but it will be handled by geek00L.
Does this encrypt ALL packets from client? For example, what about DNS requests?
And in the picture shown - I presume it is just an example, and in fact, the forwarded ports should look more like:
L1080 remote-socks-server:1080
etc?
Using Hamachi (a free and easy VPN solution) is easier and it’s available for Windows, Linux and Mac OS X
bwooster: Any app that is configured to use the tunnel will have its own DNS request piping thru. Unless the app uses a generic OS DNS request. I’ve checked this using TCPView (graphical netstat) and the only DNS request I see is the one to my tunneling server. Of course also from other apps which are not configured to tunnel, mainly windows update shit and all.
L1080 remote-socks-server:1080 will obviously work but since we’re connecting directly to the server, it will be seen as localhost. Makes things much easier when you decide to change your hostname. Of course if you need to access a host somewhere else, you do that. Bear in mind that the connection will only be encrypted from your end to your tunneling server and it will not be from your tunneling server to your requested server.