[lug] traceroute on forwarded ports plus socks vs port forward

karl horlen horlenkarl at yahoo.com
Wed Jul 6 15:49:35 MDT 2011 

this seems to be the way to go.

ok so back to the other question.  i guess i can pull up whatismyip.com to determine if this setup is actually working.  but are there any quick command line utilites that will also confirm the routing through my proxy host.  or is a packet sniffer the only option.  since socks works through an application, i'm not sure anything outside of packet sniffing can do the job.

thanks for all the replies
--- On Wed, 7/6/11, John Hernandez <jph at jph.net> wrote:

From: John Hernandez <jph at jph.net>
Subject: Re: [lug] traceroute on forwarded ports plus socks vs port forward
To: "Boulder (Colorado) Linux Users Group -- General Mailing List" <lug at lug.boulder.co.us>
Date: Wednesday, July 6, 2011, 1:28 PM

I second the SSH dynamic tunnel recommendation.  I use 'ssh -D 1080' then configure my SOCKS-aware applications (Firefox, etc) to proxy through localhost:1080.  You can even get fancy using plugins like FoxyProxy, allowing Firefox to access only selected URLs through the tunnel based on pattern matching.


On Wed, Jul 6, 2011 at 1:49 PM, karl horlen <horlenkarl at yahoo.com> wrote:


unfortunately the VPN server we use uses a global config for all clients and they don't want internet traffic being routed through it

 
--- On Wed, 7/6/11, Dan Ferris <dan at usrsbin.com> wrote:


From: Dan Ferris <dan at usrsbin.com>
Subject: Re: [lug] traceroute on forwarded ports plus socks vs port forward
To: "Boulder (Colorado) Linux Users Group -- General Mailing List" <lug at lug.boulder.co.us>

Date: Wednesday, July 6, 2011, 12:42 PM



  

    
    
  OpenVPN is your friend in these types of situations.  You can use an
    OpenVPN server to push routes for things around.  It's also a lot
    more reliable that using things like SSH tunnels.

    

    Dan

    

    On 7/6/2011 10:48 AM, karl horlen wrote:
    
      
        
          
            i'm trying to route
              local port 80 / 443 locally to an external server so i can
              browse through it. 

              

              is there a way to confirm that i am indeed using those
              ports?  when i run a tracert (the client is windows and
              i'm running tracert from cmd aka dos prompt), the hops
              still route through my dsl provider.  i presume that is
              the correct behavior since traceroute probably works on a
              different port other than 80 or 443.  

              

              so other than using a packet sniffer, is there a command i
              can run to prove when i load an url in a browser that i'm
              actually routing through my remote server via ssh tunnel
              and not through the hops associated with my dsl provider.

              

              finally, i'm forwarding two local ports, 80 and 443 and am
              assuming that on a windows box the browser should just
              find and use these ports.  i've seen recommendations for
              using a socks proxy to achieve the same result.  i'm
              trying to understand the difference.  from what i gather,
              a socks proxy will do the same thing but you only have to
              set one forwarding which is the socks ip address instead
              of two (80 and 443) in port forwarding method.  but you
              also have to configure the app, in this case the browser
              to use the proxy, an additional step.  then the browser /
              app simply forwards all requests on any and all ports fed
              to it to the socks proxy port. is this correct?

              

              i guess i'm not sure what the benefits are to using one
              method vs the other.  since ssh (windows putty) allows you
              to configure multiple port forwards in one definition,
              once you set it up, you just have to kick off the
              connection so it saves you the hassle of enabling
              disabling socks proxy in your browser config.

              

              so why would i want to use a socks proxy?  i can't think
              of any

              

              thanks

              

            
          
        
      
      
_______________________________________________
Web Page:  http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
    
    

  

-----Inline Attachment Follows-----

_______________________________________________
Web Page:  http://lug.boulder.co.us

Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety

_______________________________________________

Web Page:  http://lug.boulder.co.us

Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety



-----Inline Attachment Follows-----

_______________________________________________
Web Page:  http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20110706/8fac4bc3/attachment.html>

More information about the LUG mailing list