Wednesday, June 08, 2011

TOR and SSH Tunnels - privacy on the Internet

I was asked the other day how I communicate on the web (security and privacy).

The short answer is: IPCop Firewall (Squid, URL content filter), OpenDNS, Linux + SSH tunnel + Tor + browser extensions (Firefox and Chromium): Adblock Plus, BetterPrivacy, HTTPS-Everywhere, NoScript, Torbutton.

I have access to SSH servers around the world, which I tunnel all Internet protocols through (one or more locations). SSH tunnels are similar to VPNs. Then I route through the Tor network. Since I'm also in the security business, I often tunnel my connection through one or more honeynet/honeypot locations I operate. For business reasons I will not go into detail, but you can learn from the following:

Intrusion Detection FAQ: What is a Honeypot?

Honeynet Project

Honeypot (computing) wiki

'Know Your Enemy': Everything you need to know about honeypots


How-To: SSH tunnels for secure network access

"..SSH (secure shell) is normally used to allow secure encrypted command line connections to a server. It can also be used to create encrypted network tunnels to transport unencrypted data, such as email sessions. And you don't even have to be a Unix geek to do it. We'll show you how to do it from the command line and then using an easy tool for OS X (if that's your thing)....."



Tor (The Onion Router) is a very sophisticated network of proxy servers.

"..When you use Tor to access a Web site, your communications are randomly routed through a network of independent, volunteer proxies. All the traffic between Tor servers (or relays) is encrypted, and each of the relays knows only the IP address of two other machines – the one immediately previous to it and the one immediately after it in the chain...."



Tor Browser Bundle

Download Tor Browser Bundle:

EFF Tor Project:

"The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser, and is self-contained. The Tor IM Browser Bundle additionally allows instant messaging and chat over Tor. If you would prefer to use your existing web browser, install Tor permanently, or if you don't use Windows, see the other ways to download Tor.

Freedom House has produced a video on how to find and use the Tor Browser Bundle."



Privacy for anyone anywhere - Tails Linux Tor Based LiveCD-Usb Distro


Configure Tor to use a specific country as an exit node

"Many Internet services offer access to their services only if you are visiting the websites or applications from certain countries. IPs, and sometimes more variables like the system time, are checked when a user wants to access a country restricted service. If the IP is located in an allowed country access is allowed, otherwise it is rejected.

Many workarounds exist that help users access those services even if they are currently residing in a different country. One possibility that I would like to explain today is to configure Tor that way that the exit node lies in the country that you want to access the service in. Tor offers lots of so called nodes which are servers in a specific country running the Tor software....."



Tor on Android

Portable Apps (Tor)

Portable Apps

Want Tor to really work?

SSH Proxy

Tunneling protocol

Quick-Tip: SSH Tunneling Made Easy

Why use SSH Tunnels?

"In the past, all computers on the Computer Science Department network had public IP addresses. This means they were accessible from anywhere in the world. This was convenient for those working at home because they could directly connect to the computers in their offices and research labs.

Public IP addresses also caused problems. Because these computers were universally accessible, they could be attacked by anyone on the global Internet. They could also become infected by a virus or a worm and spread the infection to others.

By using the Computer Science Department's Linux Open Labs (which have public IP addresses), you can forward traffic to a computer with a private IP address (such as an office or research lab computer). This allows you to have the security of a private IP address, while retaining the convenience of a public IP address. It works in the same manner as a Virtual Private Network, but with a simpler configuration....."



Lesson From Tor Hack: Anonymity and Privacy Aren't the Same

Network security hacks By Andrew Lockhart

Hack 38. Tunnel SSH Through Tor