Setting Up A Proxy Server at Home

Why would you want a secure proxy server on your home machine?

There are several good reasons for a setup like this. The primary purpose is to encrypt your
network traffic. You may want to hide your browsing or chatting from your employer OR
something as benign as not wanting people to see your passwords when connected to a hotspot at
your local $tarbuck$. When you are browsing through your home proxy server, whoever is
'sniffing' your network traffic can only see lots of random packets going to your home machine.
Due to the nature of these programs, you should only set this up if you have a broadband
router or other NAT device in front of your home network.

The following pre-requisites will make things a lot easier:

- Know your home machine's external IP address. For this, you'll need either a static IP
  address from your ISP *or* have a dynamic DNS client installed. For testing purposes,
  you can view it via http://www.whatismyip.com.
- Give your home workstation a static IP address on your home network. Open up a
  command prompt and type 'ipconfig /all' and note the current IP address, gateway, and
  DNS servers. Assign your computer a static IP address that is 50 more than its current
  dynamic IP (that's a safe bet since most home networks would never have >50 devices
  connected to it, even if the broadband router has a DHCP scope larger than that). Use the
  existing gateway & DNS servers.
- Know that your mom goes to college

Doing this involves four steps:

- Installing an SSH server on your home machine. SSH is an encrypted version of telnet
  which also allows a function called port forwarding. It's this port forwarding that allows
  you to redirect your network traffic through this proxy. SSH will also function as your
  authentication mechanism, keeping random people from being able to use your machine
  as a proxy.
- Installing an HTTP/SOCKS5 proxy server on your home machine.
- Opening up the SSH port on your home firewall AND in Windows XP's firewall (if it
  exists).
- Installing an SSH client with the appropriate port forwarding settings on your client
  machine (work machine, laptop, etc).
- Configuring each application to talk through the proxy.

Step 1: Installing an SSH server on your home machine

Download and install the SSHWindows installer from Sourceforge, accepting all defaults:
http://sourceforge.net/project/showfiles.php?group_id=103886&package_id=111688
Open up a command prompt (start > run > cmd) and type the following:
cd\program files\openssh
mkgroup -l >> etc\group
mkpasswd -l -u %username% >> etc\passwd
net start opensshd

That will create a local ssh user group and give the currently logged-in user the ability to
log in (the password will be the same as your Windows login password - if it's blank,
change it to something harder!). It will then start the ssh server service.

Step 2: Installing SpoonProxy, a Windows proxy server

Download SpoonProxy: http://www.pi-soft.com/spoonproxy/index.shtml. It costs $19 for
a 1-user home license, but there is a 30-day trial.
Launch SpoonProxy: Start > All Programs > Spoonproxy > spoonproxy. SpoonProxy's
default configuration works just fine, so just minimize it.

Step 3: Opening up ports in Windows firewall & your broadband router

If the Windows XP firewall is enabled, you need to open up the incoming SSH port. To do
this, right-click on My Network Places and choose Properties. Now right-click on your
primary network card and choose Properties. Go to the Advanced tab and click on
Settings under Windows Firewall. Click on the Exceptions tab and then 'Add Port'. Name:
ssh. Port number: 22 (TCP). Click OK, OK, OK.

Now you must open up the port on your broadband router. Most broadband routers have a
web interface for this. I can't walk you through it because it's slightly different
on every system. You want to forward external port 22 to port 22 on the (internal) IP
address of your home computer.

Step 4: Installing PuTTY, a Windows SSH client on your work computer or laptop

Download PuTTY: http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe.
PuTTY is a free SSH client that is a single executable; there is nothing to install. Save
putty.exe to your desktop.

Double-click on PuTTY. First, scroll down the left column to Connection > SSH >
Tunnels. From here, you need to add three ports to be forwarded. For Source Port, enter
80. For Destination, type localhost:8080, then click on Add.
Do the same for the other two ports: source port 443 with destination localhost:8081, and
source port 1080 with destination localhost:1080. This forwards http, https, and socks-5.
The destination is resolved at the far end of the SSH connection, so localhost here means
your home machine, where the proxy server is running.

Now, go up to the top and click on Session. Under "host name or IP address", enter your
home computer's external IP address or dynamic DNS name. Under 'saved sessions', type
in "SSH home" and click on Save. This will save these connection settings for every time
you want to connect to your home machine.

To connect, click on Open. You should be asked to accept the server's SSH host key (choose
'Accept & Save'). Log in using your home Windows computer's login and password. You
should then see a command prompt. You are now connected and set up to tunnel traffic -
you can now minimize (don't close) PuTTY. This session must remain open to proxy your
web traffic.

Step 5: Configuring applications to go through the tunnel

Firefox: I recommend configuring one browser (such as Firefox) to always go through the
proxy, leaving your other browser to browse your corporate intranet (or access sites that
you do not wish to proxy). Alternatively, you can simply tell Firefox which URLs not to
use the proxy for. In Firefox, go to Tools > Options > General > Connection Settings. Set
up the HTTP and SSL proxies to use the forwarded ports from Step 4 (localhost port 80 for
HTTP, localhost port 443 for SSL).

You should now be browsing through your home machine. Remember, the speed will be
limited to your home machine's upstream connection (since your home machine is
essentially downloading the web page and then re-uploading it to you). If you wish to test
that it's working, close PuTTY. You should now be unable to browse the 'net.

AIM and Yahoo both support SOCKS5 proxying. Simply go into the connection settings
and enable socks5 proxying... server = localhost port = 1080 (default).
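
A scripted version of the "is it working?" test above, as an added example that is not part of the original tutorial. It probes the three local ports forwarded in Step 4 and sends a SOCKS5 greeting to port 1080; the function names are illustrative, and it assumes the proxy accepts SOCKS5 clients without a login.

```python
import socket

# Local ends of the PuTTY forwards from Step 4 and what should answer there.
FORWARDS = {80: "http", 443: "https", 1080: "socks5"}


def port_open(port, host="127.0.0.1", timeout=2.0):
    """True if something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def speaks_socks5(port, host="127.0.0.1", timeout=2.0):
    """Send a SOCKS5 greeting offering only 'no authentication' (RFC 1928)
    and check that the peer selects it. Assumes the proxy needs no login."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"\x05\x01\x00")  # version 5, one method, method 0x00
            reply = b""
            while len(reply) < 2:
                chunk = s.recv(2 - len(reply))
                if not chunk:  # peer closed: nothing behind the forward
                    break
                reply += chunk
            return reply == b"\x05\x00"
    except OSError:  # refused, reset or timed out
        return False


def check_tunnel(forwards=FORWARDS, host="127.0.0.1"):
    """Return {port: 'closed' | 'listening' | 'socks5-ok'}."""
    status = {}
    for port, kind in forwards.items():
        if not port_open(port, host):
            status[port] = "closed"  # nothing listening: PuTTY not connected
        elif kind == "socks5" and speaks_socks5(port, host):
            status[port] = "socks5-ok"  # proxy answered through the tunnel
        else:
            status[port] = "listening"  # PuTTY is listening; far end unverified
    return status


if __name__ == "__main__":
    for port, state in check_tunnel().items():
        print(f"localhost:{port:<5} {state}")
```

PuTTY accepts connections on a forwarded port even when nothing is listening at the destination, so "listening" on 1080 without "socks5-ok" means the SSH session is up but the proxy on the home machine is not answering.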

Done!

All you have to do is launch PuTTY and connect to your home machine whenever you wish to
securely browse.
