Subscribe via

How to Encrypt Your Internet Traffic

Thaya Kareeson

This is the coolest trick I learned while working at Blinkx. At the time, our management really hated when we go on any type of instant messaging applications. I also suspected that our messenger conversations and other internet activities were being monitored. I was pissed so this is what I did to combat their nosiness.

Open an SSH Tunnel to a Remote Machine

There are a couple ways you can do this (one through Putty and one through Cygwin). Personally I like the Cygwin method since it requires one command line. I will discuss the Cygwin method here.

  1. Download and install Cygwin. Make sure that you also install the ‘openssh’ and ‘vim’ packages.
  2. Open a Cygwin terminal
  3. In your home directory create a script called tunnel.sh
    vim tunnel.sh
  4. Place the following line into tunnel.sh
    ssh -x -2 -D 1000 <username>@<remote-machine>
  5. Make your script executable
    chmod u+x tunnel.sh
  6. Execute the script (enter your password to login to the box) and minimize the window (leave the connection open)
    sh tunnel.sh
  7. For password-less login, you can setup SSH key authentication but this is optional

That’s it! Now you have an SSH tunnel to the remote SSH box on your localhost port 1000. All you have to do now is tell your applications to direct all traffic to that port.
Configure Internet Applications to Proxy Traffic Through Your Tunnel

There are two ways to get this done. One way is easy but it costs money. The other way is easy and time-consuming but it’s free.

If you want to pay to do it the easy way, you can use programs like ProxyCap to handle all of your traffic routing. I’ve tried quite a few of these applications and I find that ProxyCap is the most powerful. ProxyCap lets you have multiple tunnels open and lets you tunnel specific traffic to any of the tunnels depending on IP or Application based rules. Even though this is the easier way to tunnel traffic, you won’t need to purchase this software if you are just tunneling an instant messenger and/or a web browser application.

Configuring Firefox to Use Your Tunnel

  1. Go to Tools > Options > Advanced (button) > Network (tab) > Connection > Settings
  2. Configure your Proxy settings like the image below:
    <!--enpts-->Firefox Proxy Settings<!--enpte-->
  3. Click “OK” and you are set!

Testing Firefox Proxy

In the web browser, check that your IP is different from before you tunneled your traffic by using cmyip.

Configuring AIM to Use Your Tunnel

  1. Open AIM connection preferences
  2. Set the Proxy settings
    <!--enpts-->Proxy Settings for AIM<!--enpte-->

Testing AIM Proxy

Shutdown your proxy tunnel and try to send a message to someone. Your AIM should now sign off once it realizes that I cannot send any traffic through port 1000.

Conclusion

You should now be able to enjoy the internet without having to worry about “Big Brother” monitoring your traffic. This is also useful when you are traveling and are using an public network to do secure transactions (e.g. financial transactions). The only thing that can be seen by a packet sniffer is just a bunch of SSH encrypted packets being sent to your remote machine. Sniffer applications will have no idea what the contents of the packets are and where their true destinations are.

Save and Share
StumbleUpon
Reddit

22 Responses to “How to Encrypt Your Internet Traffic”

[go to last comment]
  1. matt

    That’s very useful information. Thanks for sharing.

  2. Thaya Kareeson

    @Matt
    You’re welcome. Please let me know if you were able to make use of this information.

  3. Natty

    ill try this approach i got cygwing to work but can never get putty to work why? i dont know this is a different approach ill give it a try come back and tell you if it worked

  4. Thaya Kareeson

    @Natty
    You can try following the Putty method described here. Let me know if that works for you.

  5. Natty

    Yep i tried this on different pc and it works my conclusion is that putty and Tor on the same pc dont work unless you have a go around this id like to keep my TOR on and use ssh at same time have you tried TOR and this set up before ?

  6. Thaya Kareeson

    @Natty
    I think it they should work assuming that they are configured properly. Are you trying to chain tunnel or are you just planning to keep on Tor and use putty to SSH into boxes?

    The way I see it, there is no need for SSH tunneling if you are already using Tor.

  7. Dominic Moreland

    hi,
    is there a way to do this on a mac?
    thanks

  8. Thaya Kareeson

    @Dominic Moreland
    Have you tried this method using Firefox on a mac?

  9. Dominic Moreland

    Hi,
    thanks for the reply.
    Thing is, i can't set the tunnel up without cygwin can I? or rather i cant find a way to.
    Thanks.

  10. Thaya Kareeson

    @Dominic Moreland
    I think Mac OS X has SSH built into the command line. You can run the following command on the command line and skip Cygwin all together:

    ssh -x -2 -D 1000 &lt;username&gt;@&lt;remote-machine&gt;

  11. Thaya Kareeson

    @Dominic Moreland
    I think Mac OS X has SSH built into the command line. You can run the following command on the command line and skip Cygwin all together:

    ssh -x -2 -D 1000 <username>@<remote-machine>

  12. Dominic Moreland

    Oh, thanks alot!

  13. Bob

    I am getting this error:

    tunnel.sh: line 1: syntax error near unexpected token 'newline'
    tunnel.sh: line 1: `ssh -x -2 -D 1000 <username>@<remote-machine>`

  14. Thaya Kareeson

    Do you have windows end of line characters in your file? Run that file through dos2unix to make sure it's clean from windows end of line characters.

  15. Kraig

    Still receive the error

  16. exchangerates

    This is a very good article outlining three good ways to protect yourself from surfing or interacting online. I personally think that the third is the most overlooked as some people are still leaving their network open for someone else to connecting to the Internet, or worse, their computer. Take note of these great tips.

  17. Mr.Imran

    Thanks

  18. sandytreee

    hay,
    so in New Zealand, as of 1 June, all ISP's will be required to keep a log of their customers internet traffic, and essentially you are given 3 warnings for downloading anything illegal, and after that the ISP has to ban you for 3 months. basically, will encrypting my traffic using Cygwin stop my ISP from viewing my traffic?

    Its not that i partake in illegal downloading, its just that this is a big issue for me as it is basically taking away my privacy online.

  19. Thaya Kareeson

    Yeah, if you are encrypting traffic, it should be okay.

  20. Yusuf M

    Hi,

    I am new to this stuff and am hoping to use Cygwin to encrypt my traffic so that my ISP cant view it.
    I am struggling a bit with setting up Cygwin correctly.
    If anybody is keen to assist a newbie, i would really appreciate the help.

  21. Jurasick

    I did everything you mentioned but my IP@ is still visible through internet…………….

  22. Dave Matt

    Can i do this for my home computer to i.e. to access the internet.
    I am paranoid that my neighbor who is a hacker snoops on my browsing which is very irritating.

[go to first comment]

Leave a Reply