Beating WebSense Firewall Filtering

by nealbailey 2. September 2008 19:07

My wife was in the hospital for 4 days this past week and at the end of the first day my wife felt well enough to sit up and she wanted to log into her MySpace page to post some photos. The hospital offered free Wi-Fi internet access for staff and patients but they run a WebSense firewall which blocks just about every site online other than email sites and internal Sentara intranet sites. We tried about 25 sites and all but 4 were blocked by the firewall. You can see the screenshot below.

 



We tried several online proxies such as proxify.com but all of those were blocked as well as sites that outline steps for bypassing firewall filters. Ultimately, I left the hospital that night when my wife fell asleep and I went home to stand up a SOCKS SSH proxy server.

I don't have a full-blown Linux server running at the house so I used my Windows 2003 Enterprise Web Server to host the OpenSSH server.

The steps went like this:

After the server was installed, I went to my client and installed PuTTY, which is used to create the encrypted tunnel from the client to the server. See the instructions here. Once the SSH session has been established, all that's left is to configure Firefox to use the tunnel as a SOCKS proxy.

Now that the tunnel was functional, I ran Wireshark to sniff the traffic in order to validate that this setup wasn't going to set off alarms by the hospital admins. Wireshark revealed that Firefox was leaking DNS requests, which means that even though my tunnel was fetching the remote sites, it was sending DNS requests to the host network DNS (which would set up a huge red flag).

Luckily, in Firefox you can stop this behavior by typing about:config into the web browser and changing the setting network.proxy.socks_remote_dns to true.
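From the network operator's side, the DNS leak described above shows up as a client that resolves hostnames it never connects to directly. The Python below is an added example, not part of the original post; the log record layouts, the thresholds and the use of port 22 for SSH are assumptions, and all sample records are constructed.

```python
from collections import defaultdict

# Constructed sample data (documentation address ranges, not from the post).
# DNS log records: (client_ip, queried_name, resolved_ip)
DNS_LOG = [
    ("10.0.5.23", "www.example.org", "203.0.113.10"),
    ("10.0.5.23", "photos.example.net", "203.0.113.20"),
    ("10.0.5.23", "cdn.example.net", "203.0.113.21"),
    ("10.0.5.40", "mail.example.com", "198.51.100.5"),
    ("10.0.5.40", "www.example.org", "203.0.113.10"),
]
# Flow log records: (client_ip, dest_ip, dest_port, duration_seconds)
FLOW_LOG = [
    ("10.0.5.23", "192.0.2.77", 22, 5400),   # single long-lived SSH session
    ("10.0.5.40", "198.51.100.5", 443, 12),
    ("10.0.5.40", "203.0.113.10", 80, 3),
]

def orphaned_lookups(dns_log, flow_log):
    """Map each client to the names it resolved but never connected to."""
    contacted = defaultdict(set)
    for client, dest, _port, _duration in flow_log:
        contacted[client].add(dest)
    orphans = defaultdict(list)
    for client, name, addr in dns_log:
        if addr not in contacted[client]:
            orphans[client].append(name)
    return dict(orphans)

def suspected_tunnels(dns_log, flow_log, min_orphans=3, min_ssh_seconds=600):
    """Clients with many orphaned lookups and a long-lived flow to port 22.

    Both thresholds and the port number are assumptions for this example.
    """
    orphans = orphaned_lookups(dns_log, flow_log)
    long_ssh = {client for client, _dest, port, duration in flow_log
                if port == 22 and duration >= min_ssh_seconds}
    return sorted(client for client, names in orphans.items()
                  if len(names) >= min_orphans and client in long_ssh)

if __name__ == "__main__":
    print(orphaned_lookups(DNS_LOG, FLOW_LOG))
    print(suspected_tunnels(DNS_LOG, FLOW_LOG))
```

Cached lookups and addresses shared by several hostnames produce false positives, so the output is a triage list rather than proof.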

I unplugged the laptop, set a port forwarding rule in my Smoothwall router for inbound SSH traffic, and returned to the hospital and hooked it into the network there. Everything worked perfectly.


Comments

11/27/2009 9:15:56 AM #

Issac Lowenback

I love it, way to stick it to those damn filters! I'm gonna do this fo sho!

Issac Lowenback United Kingdom
