Networking :: How To Set Up Ssh Tunnel Through Http Proxy?

Mar 10, 2010

My school network uses a http proxy to access the internet, but I am dubious about the security, and so I would like to use http inside ssh to keep my data secure. I don't really know where to start on this, so a step-by-step guide, or links to resources, would be helpful.

View 2 Replies


Networking :: SSH Tunnel Through NTLM Authenticated HTTP Proxy

Mar 7, 2010

I have a problem setting up a SSH tunnel. I know how it's usually done, but the setup is different this time. I am behind a HTTP(S) and FTP proxy, that does NTLM authentication, and I want to access a server beyond the proxy.

So far, the best I have achieved is installing and configuring CNTLM as a local proxy for the authentication part. Using CNTLM, I managed to access and mount a secured (https) DAV share using davfs2. In theory, CNTLM should let me setup permanent tunnels from local ports to distant ports, and it does; however these tunnels don't seem to work for SSH nor for IMAP (another protocol I tried).

I suspect the problem is that neither SSH nor IMAP is HTTP- or FTP-based, but anyway it does not work. So back to square one: how should I proceed to get ssh to connect through the HTTP proxy (with NTLM authentication) to the remote server? For that matter, if there's a better way than SSH to create a tunnel, that would work in my situation, that's OK with me. Just in case, here are the relevant parts from my firewall setup on the server:

# default policies
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP
iptables -t filter -P OUTPUT ACCEPT

# reset
iptables -t filter -F INPUT
iptables -t filter -F FORWARD
iptables -t filter -F OUTPUT

# allow continuation of established connections
iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t filter -A INPUT -f -j ACCEPT

# allow local connections
iptables -t filter -A INPUT -i lo -j ACCEPT

# open ports:
# ssh
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT

View 2 Replies View Related

Networking :: HTTP Requests Always Go By TCP Connect Tunnel?

Aug 14, 2010

How do Http requests and responses go from a client to the server? IS a TCP Connect Tunnel always formed or is there some different mode ?

View 4 Replies View Related

Networking :: How To Use Security HTTP Proxy

Sep 19, 2010

I have a http proxy account. It works well under windows through wodTunnel(an active X control component). But, I usually works under linux. I want to use it here. But I don't know how. I tried gstm, it can connect to the server successfully, but it seems can't respond to my http request. What should I do next?

View 3 Replies View Related

Networking :: SSH Connectivity Over HTTP Proxy

Jan 13, 2010

Machine 1) I have a Server with RHEL5.
eth0 = 192.168.48.x (static class C ip connected to VLAN switch)

Internet available via HTTP proxy through vlan but from other main server but not from machine below.

Machine 2) I also have a Server with RHEL4.
eth0 = (public IP for availing internet)
eth1 = (class c ip to share internet via squid on the same LAB)
eth2 = (class c ip connected to VLAN switch)

Now what I want is ssh connectivity available to Machine 1, so as to enable remote machines on the internet connected. I know that it might be hard for Machine 1 to share ssh directly on the internet but if there is any kind of tool or tricks to setup pls tell. So the only chance is ssh via machine 2 then after connected to Machine 2 then again ssh to Machine 1. But how do I make ssh available online? IPtables are set correctly machine 2 can't be ping on the internet.

View 2 Replies View Related

Ubuntu Networking :: SSH Through HTTP Proxy Locally

Feb 18, 2010

I'm behind a very blocked firewall that only allows connections through port 80 and 443. I wish to ssh to my machine at home, but the port is blocked. Is there a simple server that I can run to route my ssh connection through http?

View 2 Replies View Related

Networking :: Configuring EBox As HTTP Proxy?

Mar 22, 2010

I am trying to configure an eBox to act as an http proxy but having trouble using that proxy on client computers to browse internet. The ifconfig on ebox returns the following:

eBox141:~# ifconfig
Link encap:Ethernet HWaddr 00:0c:29:ee:64:f2
inet addr: Bcast: Mask:
inet6 addr: fe80::20c:29ff:feee:64f2/64 Scope:Link
RX packets:90045 errors:0 dropped:0 overruns:0 frame:0
TX packets:226 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7043548 (6.7 MB) TX bytes:35150 (34.3 KB)
Interrupt:16 Base address:0x2024

Link encap:Ethernet HWaddr 00:0c:29:ee:64:fc
inet addr: Bcast: Mask:
inet6 addr: fe80::20c:29ff:feee:64fc/64 Scope:Link
RX packets:1123 errors:0 dropped:0 overruns:0 frame:0
TX packets:781 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:949754 (927.4 KB) TX bytes:92267 (90.1 KB)
Interrupt:16 Base address:0x20a4

eth0 is on the internal lan with the client from which I want to access the internet
eth1 is can access internet all right.

The ifconfig on a client returns
Link encap:Ethernet HWaddr 00:0C:29:46:58:7F
inet addr: Bcast: Mask:
inet6 addr: fe80::20c:29ff:fe46:587f/64 Scope:Link
RX packets:16014030 errors:0 dropped:0 overruns:0 frame:0
TX packets:835276 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1297106653 (1237.0 Mb) TX bytes:738158694 (703.9 Mb)

I configured the Firefox on the client to use eBox's ip address/port in the proxy settings but I still can't get on the internet.

eBox is on a vmware workstation 7. It is eBox 1.4.1
eBox has two virtual nics (above) - one is NAT (eth1) and the other is bridged (eth0)
The client is on vmware ESXi 4.0. It's an openSUSE 11.2.

View 2 Replies View Related

Networking :: Http Request Forwarding To Proxy

Feb 26, 2009


i want to redirect the packet to proxy server. can u help me.

Present network.

MY internal network ==> switch ==> proxyserver ==> router ==> internet.
(for internet i use
to connect proxy, in web browser==> lan settings ==> proxy server ip address )

What i want is

My internal network ==> getway or firewall ==> switch ==> proxy server ==> router==> internet. ( where this getway or firewall i can configure for forward http request to proxy server.)

so that i can separate my internal network from intranet but able to access the internet.

help me out


View 2 Replies View Related

Ubuntu Networking :: Slow Response For HTTP Proxy Over SSH?

Dec 3, 2010

I'm a little stumped on this one so I reaching out to see if anyone here has any idea. I just changed my ISP to Surewest as they're doing fiber straight to the house in my area so I have 8Mbps up and down.

I have my linux box running openssh and I have no problems SSHing into it from my remote laptop at work. I use putty to connect to it and create a tunnel so I can configure my firefox to use it as a SOCKS proxy. The problem is my response time for page loads in firefox is atrocious now. It'll take over a minute to load The only real differences in my setup now are my ISP and router hardware at home. Previously, I was using the firewall that was built into my AT&T Uverse gateway. Now, I'm using my old Linksys WRT54G v5.0 router with the latest firmware. My linux box is wired directly into it with ethernet. When I run the speed tests from that box I get my correct speeds of 8Mbps up and down with <15ms ping. From what I can tell, all of my router settings are correct.

View 1 Replies View Related

CentOS 5 Networking :: Connect To HTTP Proxy Server ?

May 16, 2010

I'm trying to set up a server for an NPO who connects to the Internet through an internal proxy (Websense). I can't access the Internet unless through the proxy.

Since it's a server I did not install a GUI so I'm wondering how to connect the new server to said proxy server. I have the IP address, port number and username-password for the proxy server. The new server has a static IP address and is ready too go!

View 6 Replies View Related

Fedora :: TOR Onion Routing - Set Proxy For HTTP And HTTPS In Firefox But Say's 'unknown Proxy'

Jul 7, 2010

I've been trying to make myself anonymous, but I cant find 'Tor' anywhere, tried 'yum & kpackagekit' neither have it. I did find 'Privoxy', installed it, set proxy for HTTP and HTTPS in Firefox, but it says 'unknown proxy' when I try to use it! I've been to the Privoxy web site and read through the 'User manual', but most of it is 'geek' to me!

View 8 Replies View Related

Networking :: Forward Local HTTP Requests To Remote Proxy?

May 4, 2011

How to forward local HTTP requests to remote Proxy with IPTables ?

View 1 Replies View Related

General :: Convert HTTP Proxy To SOCKS Proxy?

Feb 27, 2010

I've been doing some security testing in a lab environment that does not have direct internet access. It's actually a little complicated: From home to connect to my lab machine, I

1. SSH to machineA.
2. SSH from machineA to machineB

where machineB is my actual lab machine. neither machineA or machineB allow anything other than SSH, and machineB is only accessible from machineA. However, I really need to run yum on machineB. I have managed to get internet access via Firefox on machineB by creating a series of SOCKS proxy via SSH.

1. machineB: ssh -L 12345:localhost:12345 user@machineA
2. machineA: ssh -D 12345 user@machineC
3. machineB: configure firefox to use socks proxy, localhost, 12345

where machineC has internet without limits placed. This is the only way I have managed to get internet working. I tried using ssh -L all the way from machineB->machineA->machineC but it didn't work (even when setting Firefox to use http proxy). I tried using ssh -D all the way, but again that doesn't work either.

I do have access via Firefox using socks proxy. However, yum update fails to retrieve mirror list, and from what I have found I don't believe yum supports socks proxy directly. Instead, it uses http_proxy / ftp_proxy. how to get yum to go out over the SOCKS proxy I created (same one using in Firefox)? It seems like since Firefox can access the internet and everything without issues, i should be able to get yum to tunnel through the same connection to access everything.... I tried


View 1 Replies View Related

Ubuntu Networking :: Redirect All Http/https/ftp Traffic Through The Remote Proxy?

Apr 6, 2011

I need to redirect all http/https/ftp traffic through the remote proxy, but when I changes connection settings in browser or in System->Preferences->Network Proxy it doesn't work well: instead of getting page content browser asks for saving some short (8 bytes) file with the same content for all requested pages. It happens in Chrome/Opera/Firefox. This proxy requires authorization and works on computer with Windos XP. It worked well when I was using Windows 7 and Proxifier, now I have Ubuntu 9.10 with all available updates.

View 3 Replies View Related

CentOS 5 Networking :: Check If Clamav Is Scanning HTTP Traffic Squid Proxy Server?

May 21, 2011

I'm trying to setup a Centos 5.6 Squid Proxy Server with Content Filtering & Antivirus Scanning Incoming HTTP Traffic from the Internet

I then proceeded to setup an configure the Proxy Server, i was able to test and confirm that Squid and Dansguardian Content Filter is working, however i dont know if Clamav is scanning HTTP traffic before it hits the client/server. Is there a way i can check if the Antivirus scanning is working.. is there some log file or real world test i can i can do to confirm that Clamav is scanning incoming traffic or even blocking potential viruses ??

Anyone who has squid proxy server with Clamav configured and its working can share there settings/setup with me and how they tested it ??

View 1 Replies View Related

General :: 2 Linux Boxes / Proxy And Ssh Tunnel Forwarding

May 25, 2011

I need create ssh forwarding to other linux box that works as a proxy.I have two linux boxes(centos 5.5), one in the office(server1) behind firewall, other at colocation(server2)server1 has squid proxy instaled on port 3128.i cant use server1 as a direct proxy from home because its behind firewall.iwas able to create ssh tunnel from server1 to server2 and when i log in to server2 ican ssh root@localhost -p 12312 to server1

what i need is configure server2 so it forwards port server2:3128 to server1:3128....and i could add server2 ip addres and port to firefox proxy's and access ofice network.

View 3 Replies View Related

OpenSUSE Network :: 11.2 - Use Proxy Server Non HTTP

Feb 1, 2010

I need to have Opensuse 11.2 use my proxy server here in the office and it is by hostname/ip:8080 only not HTTP. The problem is using Yast2 I don't have the option of using the proxy that way it wants http. I've been using opensuse on and off since 9 (great flavor BTW my favorite) Easy as you need it to be and just as complicated as you want it to be, a perfect mix.

View 8 Replies View Related

General :: Forward *only* Http Proxy Across Vlans?

Jul 28, 2010

My router has two bridges, br0 and br1. I'm sharing wifi access, and the guest subnet will be 192.168.2.x.The home subnet will be 192.168.1.x. I want all traffic destined for port 80 from the guest net to forward to a proxy port on a box on the home network. That's the only traffic I want to cross the bridges. How do I set this up with iptables on the router?

View 1 Replies View Related

OpenSUSE Network :: Yast Could Not Connect With HTTP Proxy

Apr 25, 2010

My box has to connect to internet using specified http proxy.I have set proxy in both kde control center and yast2 control center. They both tell me the proxy works fine. But when I really try to use yast2 to update my system, it report an error:

Failed to download ./repo/repoindex.xml from [URL]
History: - [] URI = [URL]

Even I try
export http_proxy=http://XXXX
yast in command line,the error still exist.

In debian apt-get and slackware slackpkg,my proxy works fine. So I am sure it is not my fault and maybe it is a bug of yast2.

View 7 Replies View Related

General :: How To Setup Stream Across Subnet Using HTTP Proxy

Jun 27, 2010

Computer A has two network interfaces. One is on a subnet and has an IP of and the other is on subnet and has an IP of
eth1 can communicate with modem(, which also acts as a gateway to the Internet.
eth0 can communicate with my internal LAN, which consists of several computers including Computer B. This subnet has it's own gateway to the internet at However gateways will not apply to this scenario. I just added them to help paint a picture of my network.

What I am trying to do is tunnel http from a web server running on the modem( across to Computer B within my internal LAN and be able to view the http content via a browser. Sure I can just open a browser on Computer A, but I'm running Computer A headless. I can also curl it from a command line, but I'd like to learn how to tunnel across a subnet. If I get this to work, would I be able to interact with the site(i.e. make modem configuration changes)? or would it just be one way? How do I tunnel data from the eth1 subnet over to the eth0 subnet and over to Computer B on my internal LAN?

What I tried was the following:
I setup a proxymini to run on Computer A and have it listening on the eth0 interface on port 8080 by using this command 'proxymini -l -p 8080'.
Then on computer B, I setup httptunnel -a 80 -p -d
Then I should be able to view the site through a browser on port 80 on the computer I run httptunnel? This setup isn't working.

View 1 Replies View Related

Security :: BigBlueButton - From HTTP To HTTPS Reverse Proxy

Sep 17, 2010

I am working on a project to create a video conferencing environment. For this I use a default installation of BigBlueButton on ubuntu 10.04. One of the main problems here is that it's not safe enough to share classified documents trough this software. It's a simple webserver that uses nginx. What I want to do is make this connection secure.

One of the problems is that I don't only have a connection trough port 80 but it uses the following ports:
Port 80 (HTTP), 1935 (RTMP), 9123 (Desktop sharing).
I would like to use a proxy instead of some tunneling or vpn to do this. Would anyone happen to know anything about squid or another equivalent to do this?

View 3 Replies View Related

Security :: Bypass Proxy By Encrypted HTTP Access

Aug 30, 2010

My company web access is behind proxy(http://abc.proxy). Network admin can get to check who is top10 user and web they access. I owned a centos server. I have a thought that create an encrypted tunnel within proxy so the admin cant detect my http address. This is how it going to works

client with OpenVPN -> OpenVPN server(centos with company proxy)-> proxy -> internet

My connectivity in my client are using OpenVPN server as bridge. Hence, no record for client is recorded in my Network admin monitoring list. OpenVPN server's activity can be traced by network monitoring tools, just assume that our ultimate goal is to hide client activity.

View 2 Replies View Related

Server :: HTTP Proxy With Username / Password Support?

Jan 13, 2011

I bought a firefox extension which support proxy with username and password, but seems only http version and not socks 5 server which I already have installed on server. I know for privoxy, but privoxy don't support username/password. Is there anything else what works with username/password? Also what is different between http and socks5?

View 3 Replies View Related

Debian :: Squd3 Proxy Server - HTTP Pages Not Loaded

Oct 2, 2015

I want to start using squd3 as proxy server for one of my network

I was try using some configurations but http pages not loaded.

View 0 Replies View Related

Server :: Will Squid Work To Reverse Proxy Non-HTTP Traffic?

Aug 2, 2011

I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.

View 2 Replies View Related

Networking :: Craft A Valid Http/1.1 Request For Getting Http Headers (not The Html File Itself)

Sep 27, 2010

Using netcat, nc(1), craft a valid http/1.1 request for getting http headers (not the html file itself!) for the main index page of www dot aalto dot fi. What request method did you use? Which headers did you need to send to the server? What was the status code for the request? Which headers did the server return? Explain the purpose of each header.

nc -v www dot aalto dot fi 8080
host: www dot aalto dot fi
And it returns:
200 OK
Content-Length: 858
Content-Type: text/html
Last-Modified: Thu, 02 Sep 2010 12:46:01 GMT

I really don't know what does it mean. Question 2: Using netcat, nc(1), start a bogus web server listening on the loopback interface port 8080. Verify with netstat(, that the server really is listening where it should be. Direct your browser to the bogus server and capture the User-Agent: header "Direct your browser to the bogus server and capture the User-Agent: header" I don't understand this question.

View 2 Replies View Related

Server :: Will Squid Or HAproxy Work To Reverse Proxy Non-http Traffic

Apr 19, 2011

Will squid or HAproxy work to reverse proxy non-http traffic? I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.

View 4 Replies View Related

Server :: Apache Reverse Proxy Slow In Serving HTTP Requests

Mar 18, 2010

A Linux (CentOS5.3) server is setup with apache reverse proxy. The reverse proxy server is opened to outside and an internal server is mapped to ProxyPass configuration. SSL certificate is also installed on the Apache reverse proxy server. The problem is, it is extremely slow in serving http requests through reverse proxy. There is no problem with server resources or bandwidth. When the internal server is directly accessed through Internet, there is no delay. The backend server and the reverse proxy server are also on the same switch (same subnet). When I searched the Net, there were recommendations to enable cache in Apache. I did so as follows in httpd.conf.

<IfModule mod_disk_cache.c>
CacheEnable disk /
CacheRoot "/var/cache/mod_proxy"
CacheDirLevels 5
CacheDirLength 3

But still there is no progress. Do I want to enable cache in ssl.conf too? Or is there any other workaround to speed up Apache reverse proxy. Is there a way to check that caching is happening?

View 4 Replies View Related

Networking :: Squid Proxy Server On Ubuntu And WPAD - Proxy Auto Detection?

Dec 9, 2010

Currently my DHCP Server is working now what i want to have is auto detection of squid proxy in any browser but I still got an error in my dhcp server when I restart it.

My Config:

# DHCP configuration generated by Firestarter
ddns-update-style interim;
ignore client-updates;


View 2 Replies View Related

Networking :: Forwarding All Traffic To The Proxy To Another Proxy

Oct 28, 2009

At the moment I have a proxy and all the users have to configure it in the browser to access internet. I want to make the users able to browse even without configuring the proxy in the browser. but eventually it should be received in the proxy rather than giving an error to the user. I heard with transparent proxy I can redirect all the traffic from a particular network, to a particular host( ie my existing proxy).

I tried this using firewall rules. But then the existing proxy doesn't understand the protocol of the requests. I heard that it should be in the kind of proxy protocol.

View 1 Replies View Related

Copyrights 2005-15, All rights reserved