Escape from HTTP monitor policies

Since I found out that it is possible to defeat the security of a firewall… it is also possible to go on the Internet totally secured… without beeing monitored

You need:

  • A SSH-server who listen to port 443;
  • An account on the SSH-server which allows tunnels;
  • A proxy server (i.e the one of your ISP).
  • A browser (I prefer Firefox);
  • In case of a Win32 system… a SSH-Client (i.e. PuTTY).

So what we first do, is setup a tunnel to the webproxy

putty -L 8080:wwwproxy.xs4all.nl:8080 -P 443 [email protected]

If you have done this… je set the firefox up to use the proxy server by using the next settings:
Proxyserver: 127.0.0.1 Port:8080

And it works… and all the HTTP traffic which goes in and out will be encrypted by the SSH-tunnel

Take a look at the next diagram:

Note: The case as described above was a bet with a good friend of mine, no illegal actions did happen!!!