Secure web access through firewalls with Portable Apps

oneandoneis2
Joined: 2006-01-24 09:15

I hope this doesn't fall foul of the "self-promotion" rules - if it does, I apologise in advance.

I've written a little guide on how to use Portable Apps together for secure web access, regardless of where you're browsing from. The text is listed below, with a link at the very end to my web page, where some additional screenshots are displayed. Any feedback on the guide would be appreciated.

------

If you have to use Windows from various locations/computers, and are frustrated by firewalls or worried about who might be snooping on your browsing, this guide is for you.

This guide was written with Portable Apps in mind, and assumes that the remote machine you will be using is an always-on Linux PC. You can, however, use the non-portable versions of the software and adjust the instructions for other operating system combinations with very little difficulty.

To begin with, on your home computer, you need SSH. If you are connected to the web via a router, you can use SSH with its default configuration. Otherwise, if your PC can be directly accessed from the web, you must edit the configuration file /etc/ssh/sshd_config and change the port number from 22 to 443.

If you have a router, you must set it to forward all traffic arriving on its port 443 to your PC's port 22. On my router, this looks like this:

[Image]

(10.0.0.3 is my home PC's address on the LAN.)

The reason we change the default SSH port is that some firewalls only allow web traffic through: They ban connections to port 22. To bypass this, we set SSH to listen instead on port 443, which is the port usually used by secure web pages - the ones with the https:// addresses with the locked-padlock icon. It just gives us a higher chance of being able to connect no matter where we are.

That should be pretty much all the configuration on your home PC done. The only other thing you need to know is your home machine's IP address. It helps if you have a static IP address here, but it's not vital: Just check the IP every time you reconnect.

Now let's switch to a Windows PC and install our Portable Apps. Go to the web page and download the portable versions of Putty, plus Firefox, Thunderbird, Gaim, and/or any other packages you may want. Install them onto your USB stick.

Now run putty.

[Image]

In the "Host name" field, put your home IP address, and change the port from 22 to 443:

[Image]

Now in the Connection - SSH - Tunnels window, enter a port number such as 5678, check "Dynamic" and "Auto", then click "Add"

[Image]

You should get the port number, prefixed with a "D", in the forwarded ports box:

[Image]

That's all. Go back to the Session window, enter a "Saved sessions" name and click "Save"

This, when run, will give you a secure tunnel home if you have a direct web connection. If, however, you are behind a proxy server, you need to let Putty know about that.

Internet Explorer will usually be configured with the correct proxy settings, so find them from here: Tools - Internet Options - Connections - LAN Settings and see what's in the "Proxy server" field. Copy these settings into Putty's Connection - Proxy window as an HTTP proxy. If a username & password is needed, enter those too. Then return again to the Session window, enter a different name for the proxy-using settings, and click Save again.

Now double-click the appropriate saved session, and Putty will open an SSH connection to your home PC. It should look just like a normal shell, such as you'd see in any xterm window.

Now start up the portable Firefox. Tools - Options - Advanced - Network - Settings. Check the "Manual proxy configuration" radio button. Leave all fields blank, except for the "Socks host" entry. Set this to "localhost" and set the port to whatever you told Putty to use - in the above examples, 5678.

"Okay" everything, and now in the Firefox address bar, enter "about:config" and press "Return"

In the "Filter" box, type network.proxy.socks, right-click on the "network.proxy.socks_remote_dns" option, and select "Toggle" to make this entry "True"

[Image]

Firefox should now be set up to use the tunnel set up by Putty: If you have web access at this point, you have succeeded. The process for setting up Thunderbird is much the same.

To make "Gaim" work, go into "Preferences". In the "Networking" tab, configure it to use a SOCKS5 proxy, with the usual localhost and port number settings.

[Image]

Gaim should now connect just fine.

Because all your web traffic is now running through the SSH connection, it is secure from any local snooping: All the web surfing is actually being done by your home PC, and uploaded through the encrypted connection to your local PC. Even the server you are connected to the Web through cannot see what you are doing, or what port you're doing it on.

http://geekblog.oneandoneis2.org/index.php/2007/04/25/secure_web_access_...

rich.bradshaw
Joined: 2006-10-05 08:41
This is awesome!

I never realised how simple it was when using Putty... Good Work!

oneandoneis2
Joined: 2006-01-24 09:15
Me neither

I always thought you needed to set up proxy software at home, and do all manner of clever things.

It was really irritating that I couldn't use Thunderbird from work because of the proxy server. Now I can. And when I found out it was as simple as the above, and could ALL be done with portable apps, I just had to write up the "Howto" because it makes the apps that much more portable - all you need is a web connection and they can all run, and fully-secure to boot!
