Using ssh as a socks proxy
Posted on 05-23-2006 02:13:00 UTC | Updated on 05-23-2006 02:13:00 UTC
Section: /software/ssh/

Looks like ssh can forward traffic and act as a SOCKS proxy. This is fantastic for encrypted browsing over unsecured wifi connections (the traffic is encrypted between you and the ssh server; from there it leaves as ordinary traffic). Just set up Firefox, AIM or any other SOCKS 4 or 5 compliant program to use the proxy. After executing the command below ssh will be listening on localhost (127.0.0.1), and you then point your SOCKS compliant program at this IP and the port you specify below. This can also be done with the Windows SSH client PuTTY. Something like this possibly (look it up yourself): putty -D 8080 -L 443 -ssh ssh_hostname.

ssh -qTfnN2 -D 8080 user@machine

The options on the line above mean:

-q :- be very quiet, we are acting only as a tunnel.
-T :- Do not allocate a pseudo tty, we are only acting as a tunnel.
-f :- move the ssh process to the background, as we don't want to interact with this ssh session directly.
-N :- Do not execute a remote command.
-n :- redirect standard input to /dev/null.
-2 :- Forces ssh to try protocol version 2 only.
-D :- Specifies a local ``dynamic'' application-level port forwarding. This works by allocating a socket to listen on a port on the local side,
      and whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then
      used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
      as a SOCKS server. Only root can forward privileged ports.

If you want to change the settings in Firefox, for example, go to: Edit -> Preferences -> Connection Settings -> Manual proxy configuration -> SOCKS Host 127.0.0.1, Port 8080. Firefox will still use your local DNS to do lookups for hostnames. This may give you away if you're using SOCKS to browse remotely and don't want anyone to know where you're going. To get Firefox to use the proxy's DNS, type "about:config" into the URL bar, then change "network.proxy.socks_remote_dns" to "true" (type the name into the filter at the top and double-click the entry).
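As an added example (not code from the original article), here is a small Python SOCKS5 client that talks to the ssh -D listener from the command above. It puts the destination hostname inside the CONNECT request (address type 0x03) instead of resolving it locally, which is the same leak the Firefox socks_remote_dns setting closes; it assumes the tunnel is listening on 127.0.0.1:8080.

```python
import socket
import struct

SOCKS_VERSION, NO_AUTH, CMD_CONNECT = 5, 0x00, 0x01
ATYP_IPV4, ATYP_DOMAIN = 0x01, 0x03
REPLY_TEXT = {0: "succeeded", 1: "general failure", 2: "not allowed by ruleset",
              3: "network unreachable", 4: "host unreachable", 5: "connection refused",
              6: "TTL expired", 7: "command not supported", 8: "address type not supported"}

def build_greeting():
    # VER, NMETHODS, METHODS: offer only no-authentication, which is what ssh -D speaks
    return bytes([SOCKS_VERSION, 1, NO_AUTH])

def build_connect(host, port):
    # VER, CMD, RSV, ATYP=domain, LEN, NAME, PORT: the name is resolved by the ssh server
    name = host.encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("hostname must be 1..255 bytes")
    return (bytes([SOCKS_VERSION, CMD_CONNECT, 0x00, ATYP_DOMAIN, len(name)])
            + name + struct.pack("!H", port))

def parse_reply(data):
    # VER, REP, RSV, ATYP, BND.ADDR, BND.PORT -> (rep, bound_addr, bound_port)
    if len(data) < 4 or data[0] != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 reply")
    rep, atyp = data[1], data[3]
    if atyp == ATYP_IPV4:
        addr, rest = socket.inet_ntoa(data[4:8]), data[8:]
    elif atyp == ATYP_DOMAIN:
        addr, rest = data[5:5 + data[4]].decode("idna"), data[5 + data[4]:]
    else:
        raise ValueError("unsupported address type 0x%02x" % atyp)
    if len(rest) < 2:
        raise ValueError("truncated reply")
    return rep, addr, struct.unpack("!H", rest[:2])[0]

def socks5_connect(host, port, proxy=("127.0.0.1", 8080), timeout=10):
    # Open a TCP connection to host:port through the local ssh -D listener (assumed port)
    s = socket.create_connection(proxy, timeout)
    s.sendall(build_greeting())
    if s.recv(2) != bytes([SOCKS_VERSION, NO_AUTH]):
        s.close()
        raise OSError("proxy did not accept the no-auth method")
    s.sendall(build_connect(host, port))
    rep, _, _ = parse_reply(s.recv(262))  # 262 bytes is the largest possible reply
    if rep != 0:
        s.close()
        raise OSError("SOCKS5 CONNECT failed: " + REPLY_TEXT.get(rep, str(rep)))
    return s
```

The socket returned by socks5_connect carries the application protocol as usual, so sending an HTTP request on it exercises the whole path, and a non-zero reply code tells you why the remote side could not connect.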

If you have a browser like Opera or another program that is not SOCKS aware, you can use a program called tsocks. It intercepts the program's outbound network connections and sends them through the SOCKS server instead, so a program that can't talk SOCKS behaves as if it could. Open the config file (/etc/tsocks.conf) and set your local networks, like "local = 192.168.0.*". Then tell tsocks where the local SOCKS server is running with the settings "server = localhost" and "server_port = 8080". Last, set tsocks to SOCKS type 5 with "server_type = 5". Then save the file and fire up your non-SOCKS-aware program through tsocks, like "tsocks opera".

If the network you're on blocks ssh outbound but leaves port 80 or 443 open, then just run your ssh server on port 80 or 443.

If the network you're on blocks all outbound ports except one for a proxy server, then you can use a program called corkscrew. It tunnels SSH through HTTP proxies (using the proxy's CONNECT method). All you need to know is which ports the proxy lets you connect to, like https (443) or http (80). Follow the README; it shows you how to set it up with ssh. After that you just use the ssh line from the top of this article to use ssh as your SOCKS proxy. Possibly combine corkscrew with tsocks.

If you have a firewall or proxy that only allows HTTP going out on port 80, then you could use httptunnel. You need to run httptunnel on both the machine you're connecting from and the machine you're connecting to. The machine you're connecting to will be doing your tunneling (your home machine possibly) and will need to run the httptunnel server on port 80, so you cannot have any other program using that port. Just read the READMEs and other instructions to get it going.

If you're on a network that will only let you resolve DNS queries, then you can even tunnel your ssh traffic through DNS. Wicked, huh? You can do this with a program called iodine. To do this you have to have control over a real domain like pantz.org and a server with a static public IP address that does not yet run a DNS server. This is because you will be running a fake DNS server on UDP port 53 on your server. That is how the traffic is tunneled to your machine from the locked-down network that only allows DNS queries. Just read about it at the link above.

If you're really desperate you can even tunnel ICMP packets. ICMP is known to most people through the program ping: a ping is just an ICMP echo request. If you get onto a network that is really locked down but for some reason lets you ping hosts on the outside world, then you can tunnel your traffic through ICMP packets. It can be done with a program called ping tunnel.

Tunnels are really an endless game. The thing to remember is that if you're on a network and you can get any kind of machine on that network (proxy, DNS, etc.) to connect to a machine of your choosing outside that network, then you can tunnel to it, like with a DNS query or a ping. You can tunnel almost anything. Just because you're on a locked-down network does not mean your situation is hopeless, but if you have a host you control on the outside world (your home machine) and you control the host on the locked-down network (root privileges), you have a better chance of being able to use a tunnel.
