[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More


Using SSH tunnels to secure network traffic from hackers / prying eyes

Published on
9,199 Points
Last Modified:
When you send traffic on the network or on wireless it may be in plain text and it may reveal all your passwords and details.  Most programs do not use encryption by default.

This is acceptable if you own every device on the network and are sure that it can not be intercepted by anyone else.  If you are using wireless - especially if you are using a shared public wireless point (a coffee shop etc) then your passwords are flying round in the air just waiting to be grabbed with nothing more than a laptop and some software.

As soon as you are on the wireless network and attached to the internet using something like VPN will encrypt all your traffic and pass it to a known destination.  VPN is not always the simplest system to setup and may be blocked by the network you are on.  Another system is called SSH Tunnelling.

All you need for this to work is a Linux (or unix) server in a remote location (for example at home or at work) on a publicly accessible network.  This can be an old PC attached to your network or a web server on the internet from a hosting company (one where you get ssh access).

This server then becomes a stepping stone in the middle.  Your data is encrypted and sent to this server where it leaves and goes out onto the Internet. Check that this server has SSH server running on it.  If not install it and start it.

SSH is very easy to install for example -

If you wish (or need) to use http proxy then you will also need to install squid.  This is fairly simple to do and there are lots of how-to docs on the internet.  Set it up for port 8080.

Now on your workstation install puTTY :
Add in the IP (or hostname of your server) and save it with a name like my-server

Putty showing ip and port
On the menu on the left click CONNECTION and SSH and TUNNELS
Select Dynamic and source port 7070 and click 'add'
Select 'Local', source port '8080' and destination '' and click add again.

PuTTY showing tunnel settings
Click on SESSIONS on the top of the left menu and save this setup.

Now when you open it you get a terminal window.  If you do not wish to use this at all there is an option 'dont start a shall or command at all' under SSH on the menu.

While it is running you can run any application that works with a proxy.  If it allows Socks 5 or 4 proxy then point it to on port 7070 and it will now tunnel and the data will come out from your linux server.  If it only supports HTTP proxy then use port 8080.

Traffic sent over this system can not be grabbed out of the air (sniffed) by hackers as it is encrypted.
1 Comment

Administrative Comment

by:Eric AKA Netminder

Your article has been published.

Page Editor

Featured Post

Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

In this Experts Exchange video Micro Tutorial, I'm going to show how small business owners who use Google Apps can save money by setting up what is called a catch-all email address in their Gmail accounts. By using the catch-all feature, small busin…
If you, like me, have a dislike for using Online Subscription anti-spam services, then this video series is for you. I have an inherent dislike of leaving decisions such as what is and what isn't spamming to other people or services for me and insis…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month