Let's say you want to connect to an untrusted network, like school, library or other. All your packets could be traced by a proxy and your computer information as well.
There are many ways to avoid this from happening. The one I'll be describing here will involves connecting to a server on your home running a proxy daemon (like squid) via a secure tunnel (like SSH).
First we need to get squid and SSH server installed on your home server and make sure that your router is open for SSH (or another WAN port that can be forwarded to the SSH server port on your LAN).
You can get more info on this process here, and more info on SSH auto login here. These posts should get you connected to your home server and browsing the web without the proxy on the untrusted network knowing you packets (or what you are browsing).
Next step will be to mask your computer info. I'm not sure how well this would work as far as digital signatures, but it may help with some privacy.
I've created 3 files on my PC to use for a quick connection:
. MAC1 - Changes my MAC address, my hostname and my proxy configuration to 127.0.0.1:80
. MAC2 - Changes my MAC and my hostname to original and disables the usage of proxy
. File3 - A ssh script that binds local port 80 to the ssh tunnel
MAC1 #!/bin/bash sudo ifconfig eth0 down sudo ifconfig eth0 hw ether bogus-MAC sudo ifconfig eth0 up sudo bogus-hostname xauth add gconftool -s /system/proxy/mode -t string manual |
MAC2 #!/bin/bash sudo ifconfig eth0 down sudo ifconfig eth0 hw ether original-MAC sudo ifconfig eth0 up sudo original-hostname xauth remove bogus-hostname gconftool -s /system/proxy/mode -t string none |
File3 #!/bin/bash sudo ssh -v -L 80: |
Other Links:
- http://sourceforge.net/projects/anonym-os/
Vic
No comments:
Post a Comment