Solved

Encrypted HTTP, FTP Proxy Server?

Posted on 2004-09-12
7
2,122 Views
Last Modified: 2013-11-22
I have a FreeBSD box at home which is connected to the 'net via DSL.  

I have a Windows XP workstation at work which has internet access.  

I need to set up a proxy server on my FreeBSD box which will allow me to have an encrypted web and FTP proxy which I can access from work.

Something similar to this:

  http://www.winton.org.uk/zebedee

Zebedee allows traffic of various types to be redirected with encryption and compression.  I need information on how to set up a complete solution, both client- (Windows XP) and server- (FreeBSD) side which will enable me to point my browser to my FreeBSD box at home as a web / ftp proxy and use it.

Points go to the solution which lays out the steps in the most detail.
0
Comment
Question by:Zoplax
  • 4
  • 3
7 Comments
 
LVL 61

Expert Comment

by:gheist
ID: 12038512
1) do not use any unnecessary software, but standard sshd, add AllowTcpForwarding Yes to /etc/ssh/sshd_config
2) ues MindTerm from Appgate.se or SecureFX from VanDyke.com as client, to dynamically forward ports for ftp session
3) if you did not mention the firewall at work - ues Port 443 for sshd too
0
 
LVL 6

Author Comment

by:Zoplax
ID: 12040752
Hi gheist and thanks for your info so far.  

I read an article recently similar to what you describe, they were talking about using Squid on a Linux box, and an SSH client on the Windows machine, to set up a tunnel through an SSH connection, and then have the web browser point to localhost and the tunnel port as a proxy server.  

Can you give me more details on forwarding web traffic?  Would I set up either of the client software you mention so that they first open a tunnel to my FreeBSD box, and then set up my browser to use that tunnel?  I'm not clear on how this would happen, though I haven't yet looked at these clients either so in the meantime I will do this.
0
 
LVL 61

Expert Comment

by:gheist
ID: 12041807
You run squid on some port like 3128, on loopback interface.
Then you forward some local port from your computer to that squid ( host 127.0.0.1 port 3128 ), I cannot help with "what buttons to push in ssh client"...
then you point your browser to that port on local machine.
I still wonder what makes you use havyweighted Squid for single user, when truckloads of lighter proxies are around for same purpose.
If you do not dynamic port forwarding for FTP, just a www forwarding, you can use best free client for ssh, called putty, google for it, somewhere in .ac.uk domain
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 6

Author Comment

by:Zoplax
ID: 12042906
Yeah Squid is overkill, that was just what the author of the article chose as an example; I've also seen this done using TinyProxy.

0
 
LVL 61

Expert Comment

by:gheist
ID: 12043006
Whne you get stuck somewhere just ask here, tinyproxy is much smaller.
0
 
LVL 6

Author Comment

by:Zoplax
ID: 12049316
Well I have TinyProxy and OpenSSH installed already, can you post examples of what each prog's should look like in order for me to be able to tunnel the traffic?
0
 
LVL 61

Accepted Solution

by:
gheist earned 250 total points
ID: 12149681
All is set via client as described 09/13/2004 12:36AM PDT, if something goes wrong post errors here.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now