squid
--
Richard Silverman
res@qoxp.net
This is a discussion on looking for simple proxy s/w (to forward requests from external computer) - SSH ; I am looking for software that will allow an external computer user (on the internet) to be able to put my IP address in his browser's proxy settings, so his http requests go through my computer, and my computer's IP ...
I am looking for software that will allow an external computer user (on
the internet) to be able to put my IP address in his browser's proxy
settings, so his http requests go through my computer, and my
computer's IP address is what the destination sees. I want a password
to be required to use the proxy server, and otherwise any IP address
can use it. The password needs to be encryped - I don't care if the
stuff after that is enctypted or not. The software only needs to be
able to handle one external connection. The proxy software should not
give itself away (environmental variables passed on). My OS is Windows
XP. A small, simple software package is what I'm looking for.
This is basically what the https "high anonymity" proxy servers do (I
believe) - except for the password.
I downloaded ezProxy hoping it would do this. Apparently it doesn't
handle making connections with computers on the internet - and just
works with an existing LAN, or with other software that handles the
connection to the client computer. I also don't know if ezProxy gives
away the fact that it's running, as that isn't mentioned in the
documentation (and I can't test it as it doesn't appear to make the
connections...). (Maybe XP will make this type of connection? I know it
has some built in networking - but I only know of that working with LAN
cards.)
The home computer is on a cable modem, and the IP address is static,
and pings work (if I set my firewall to allow that) - so I should be
able to do this. I am not interested in "remote desktop" stuff - I just
want to pass on/return http requests.
I would prefer to not have to install some bulky package with lots of
extra features - like OpenSSH w/Cygwin - if that will even do what I
want (I know it secures ftp and pop3 connections...)
Thanks for any help.
squid
--
Richard Silverman
res@qoxp.net
Richard E. Silverman wrote:
> squid
>
> --
> Richard Silverman
> res@qoxp.net
Gees. I hope that isn't the simplest thing out there to accomplish this
simple task. I looked at the docs. Win XP is not fully supported - it
says transparent proxy wasn't even ported, and lists a lot of other
issues.
I can almost do what I want with Privoxy. It can accept connections
from an external port and pass the web page request (in this case) on.
It doesn't encrypt anything, though, and has no option to require
passwords for port access. The only thing I want is an encrypted
password to be passed - I don't care about encryption after that.
Well, here's one solution using SSH: both OpenSSH and PuTTY can act as a
SOCKS5 proxy. E.g.:
A$ ssh -D 1080 B
listens on localhost:1080 on A. You set your web browser to use that
socket as a SOCKS5 proxy (most browsers support this); all connections TCP
connections the browser wants to make then go through the SSH tunnel and
are actually made by the remote host B. Two issues:
1) The SSH SOCKS5 proxy does not support authentication. However, you
have to authenticate to establish the SSH connection, so you get the
same effect.
2) SOCKS5 supports DNS names as well as IP addresses, but not all browsers
take advantage of this. If your browser doesn't, then information
about your browsing is leaked locally by the DNS lookups you issue.
--
Richard Silverman
res@qoxp.net
Richard E. Silverman wrote:
> Well, here's one solution using SSH: both OpenSSH and PuTTY can act as a
> SOCKS5 proxy. E.g.:
>
> A$ ssh -D 1080 B
>
> listens on localhost:1080 on A. You set your web browser to use that
> socket as a SOCKS5 proxy (most browsers support this); all connections TCP
> connections the browser wants to make then go through the SSH tunnel and
> are actually made by the remote host B. Two issues:
>
Well, I didn't include all the details. The problem with using a SOCKS
proxy is that the client computer will be connecting to the remote
proxy server using TOR. TOR uses a chain of SOCKS proxies, but the
final one requires an http connection. The browser points to Privoxy
which forwards/SOCKS4a to TOR. Privoxy optionally defines an http proxy
server & port that the final TOR server would talk to - this would be
my remote http proxy server - IF I can just get it to require a
password - preferably encrypted. (Running TOR as a server on the remote
computer as the last hop in the TOR chain is not an option.)
In your example, what's running on B? Another copy of PuTTY? What's the
command on B?
I was wondering if I could run Privoxy on the remote computer (http for
the incoming TOR connection), and forward/SOCKS the data to PuTTY. But
Privoxy doesn't support SOCKS5. I don't know if that would work anyway.
Is there something similiar to Privoxy that supports SOCKS5 - if that
would work? (You can use Privoxy as an OPEN proxy server, by telling it
to listen to any IP address on a specific port (other than 80). Privoxy
can forward/SOCKS4a - but not SOCKS5.)
I searched Google and came upon a description of exactly what your
suggesting (not how to do it), which stated "it's a better alternative
than a passworded remote proxy server, or worse, an open proxy server."
If just I find out *HOW* to set up a "passworded remote proxy server!!"
- I'd be perfectly happy with that. I do prefer the password was
encrypted.
david_l@mail.com wrote:
> I am looking for software that will allow an external computer user (on
> the internet) to be able to put my IP address in his browser's proxy
> settings, so his http requests go through my computer, and my
> computer's IP address is what the destination sees. I want a password
> to be required to use the proxy server, and otherwise any IP address
> can use it. The password needs to be encryped - I don't care if the
> stuff after that is enctypted or not. The software only needs to be
> able to handle one external connection. The proxy software should not
> give itself away (environmental variables passed on). My OS is Windows
> XP. A small, simple software package is what I'm looking for.
>
I anyone else was interested, I found two free packages that do this,
Etlin HTTP Proxy, and 3Proxy.
david_l@mail.com wrote:
> Well, I didn't include all the details. The problem with using a SOCKS
> proxy is that the client computer will be connecting to the remote
> proxy server using TOR. TOR uses a chain of SOCKS proxies, but the
> final one requires an http connection.
Sounds like someone really wants to cover their tracks.
I'm curious. Why would anyone need to go through such measures to hide
themselves? About the only thing I can think of is some dissident
blogger in Iran or China, who wants to keep his or her head attached.
Chuck wrote:
> david_l@mail.com wrote:
>
> > Well, I didn't include all the details. The problem with using a SOCKS
> > proxy is that the client computer will be connecting to the remote
> > proxy server using TOR. TOR uses a chain of SOCKS proxies, but the
> > final one requires an http connection.
>
> Sounds like someone really wants to cover their tracks.
>
> I'm curious. Why would anyone need to go through such measures to hide
> themselves? About the only thing I can think of is some dissident
> blogger in Iran or China, who wants to keep his or her head attached.
Keeping one's head attached is a good thing
I can think of some much more secure measures than this, if I was
worrying about my head. TOR has a warning that it's still experimental
and not to trust it for high security.
There are many reasons for anonymous surfing. For example, apparently
Google keeps tracks of where you've come from, and what you searched
for - forever. Who knows what this might be used for some day.
TOR is very reliable for anonymous surfing. The other free proxy
servers come and go (daily). The stable free proxy sites are limited,
and want you to pay for full services/use.
The problem is that some sites are starting to use lists of known TOR
exit servers, and are blocking them. Having a non-TOR proxy server at
the end solves that problem.
