Some of you out there might not be aware of the fact that a lot of your traffic is monitored and analyzed. If you are using a public wireless network , if you surf online at school or if you have the bad habit to waste a lot of time at your work place surfing around the web , the truth is ,people like -it administrators-/it teacher or hackers can have access to private data and use it against you.


In order to fight against this you will need

- A personal server ( home or rented online )
- Putty
- OpenSSH


I.The personal server i choose is an old laptop with a lot of personality that I don't use anymore. It can be any computer with an Ubuntu or linux distribution or you can buy one online for a period of time with a linux server with ssh access ( you need a lot of rights on it so be careful when you decide )

II. Putty - is a ssh client ( to keep it simple )



Download Link
You can copy the exe file in Windows or use for Ubuntu :

sudo apt-get install putty

III. OpenSSH - is a ssh server

You can install it in Ubuntu using
sudo apt-get install openssh
All you have to do now is combine all of them. Install the ssh server and configure it

sudo vi /etc/ssh/sshd_config

You should only allow the users you intend to give access by setting a new line like this

AllowUsers jimbo

The server will autostart on each boot.You can check the log file /var/log/auth.log to see who/when and if the users connected to your ssh server.

If the server is up you can use Putty to create a connection to it. All your traffic from applications that have Socks support will be encrypted and send to this server. For the entire world it will look like your sitting home at your desk browsing around. The only thing people can detect is the fact that you are making some traffic to your home ip; but it's all encrypted. What you do is obvious for an expert but they can't really do to much about it. They can confront you and ban your ip but this is ugly business in the end.

How to configure Putty




After you create a normal putty connection , press SSH -> Tunnels. You have to setup a tunnel that will be created each time you connect to your remote server. We will use a socks 5 proxy server and to do this we have to select

- the local port ( 1100 for example )
- check dynamic
- check IPv4 ( for Ubuntu compatibility )

Don't forget to save. Now , each time you connect using putty , a tunnel between you local computer and the remote computer will be created. In order to exploit this you have to configure your application ( Firefox for example ). Configure the socks5 proxy using your local address : 127.0.0.1 and the port you selected before ( 1100 in our case ).

If you visit a site that detects your ip you should see the remote ip and not the local ip you have assigned.

Power tips
- OpenSSH is both a server and a client so you can exclude putty and just create connection like this : ssh -D 1080 user@example.com
- in order to protect yourself you should change the default ssh port from 22 to another random port(
configure both the client and the server after )

- applications like fail2ban should be use in order to protect from brute force attacks on your ssh server( don't ever forget the
strong password )

- if you know what DNS is you should change your Firefox settings like this
about:config ->  network.proxy.socks_remote_dns = true

- if you use openssh client in ubuntu a great way to see the open sessions is :
sudo netstat -natp | grep sshd
- PLINK is the putty equivalent for command line ssh client