[lug] traceroute on forwarded ports plus socks vs port forward

karl horlen horlenkarl at yahoo.com
Wed Jul 6 11:29:27 MDT 2011 

cool.  i think you're confirming exactly what i said. i didn't realize the part about forwarding dns though. thanks for the info.

--- On Wed, 7/6/11, Will <will.sterling at gmail.com> wrote:

From: Will <will.sterling at gmail.com>
Subject: Re: [lug] traceroute on forwarded ports plus socks vs port forward
To: "Boulder (Colorado) Linux Users Group -- General Mailing List" <lug at lug.boulder.co.us>
Date: Wednesday, July 6, 2011, 10:06 AM

As for you question of mutliple ports vs. one Socks port.  If you setup dynamic forwarding and point an application at it that is Sock aware your can forward all traffic through the tunnel without needing to know which ports it uses/needs.  Also if you use dynamic port forwarding and configure Firefox to use Socks v5 your DNS traffic as well as http and https traffic will go through the proxy completely hiding the sites that you are visiting or allowing you to resolve names that are blacklisted/not available on the local DNS server.


On Wed, Jul 6, 2011 at 11:01 AM, Will <will.sterling at gmail.com> wrote:

know=now

On Wed, Jul 6, 2011 at 11:00 AM, Will <will.sterling at gmail.com> wrote:


When you kick off SSH and setup the forwarding nothing is using it yet.  You know have to configure your browser or other proxy aware application to forward its traffic through the SSH tunnel.



On Wed, Jul 6, 2011 at 10:56 AM, karl horlen <horlenkarl at yahoo.com> wrote:



well i didn't configure a proxy yet but i tried this after kicking off two ssh port forwards on 80 and 443 and using that is showing my ip address to be my dsl router ip address.




--- On Wed, 7/6/11, Will <will.sterling at gmail.com> wrote:




From: Will <will.sterling at gmail.com>
Subject: Re: [lug] traceroute on forwarded ports plus socks vs port forward
To: "Boulder (Colorado) Linux Users Group -- General Mailing List" <lug at lug.boulder.co.us>



Date: Wednesday, July 6, 2011, 9:53 AM

Go to whatismyip.com with the proxy disabled and then enabled and watch your source IP change.




On
 Wed, Jul 6, 2011 at 10:48 AM, karl horlen <horlenkarl at yahoo.com> wrote:

i'm trying to route local port 80 / 443 locally to an external server so i can browse through it. 





is there a way to confirm that i am indeed using those ports?  when i run a tracert (the client is windows and i'm running tracert from cmd aka dos prompt), the hops still route through my dsl provider.  i presume that is the correct behavior since traceroute probably works on a different port other than 80 or 443.  





so other than using a packet sniffer, is there a command i can run to prove when i load an url in a browser that i'm actually routing through my remote server via ssh tunnel and not through the hops associated with my dsl provider.





finally, i'm forwarding two local ports, 80 and 443 and am assuming that on a windows box the browser should just find and use these ports.  i've seen recommendations for using a
 socks proxy to achieve the same result.  i'm trying to understand the difference.  from what i gather, a socks proxy will do the same thing but you only have to set one forwarding which is the socks ip address instead of two (80 and 443) in port forwarding method.  but you also have to configure the app, in this case the browser to use the proxy, an additional step.  then the browser / app simply forwards all requests on any and all ports fed to it to the socks proxy port. is this correct?





i guess i'm not sure what the benefits are to using one method vs the other.  since ssh (windows putty) allows you to configure multiple port forwards in one definition, once you set it up, you just have to kick off the connection so it saves you the hassle of enabling disabling socks proxy in your browser config.





so why would i want to use a socks proxy?  i can't think of any

thanks


_______________________________________________

Web Page:  http://lug.boulder.co.us

Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety



-----Inline Attachment Follows-----

_______________________________________________
Web Page:  http://lug.boulder.co.us



Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety



_______________________________________________

Web Page:  http://lug.boulder.co.us

Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety







-----Inline Attachment Follows-----

_______________________________________________
Web Page:  http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20110706/98dab531/attachment.html>

More information about the LUG mailing list