Secure Tunnel through PuTTY

I have had so many people ask me about security while using a public Internet service.  I personally use this regularly.  When using a public WiFi, one doesn’t want their Internet traffic just out there for anyone to see.  So, tunnel it!

This guide assumes that you have an SSH Server (usually a Linux machine) that you can access via Port 22.

-> On the machine that you will be connecting from, download and run PuTTY.

-> In the box labeled Host Name (or IP address), type the WAN IP address of your remote SSH Server.  In the box below Saved Sessions, type a name for your proxy, like MyProxy, and click Save.


-> Click on SSH.  Check the box Enable Compression.  Ensure that under Encryption at least 2 is enabled, preferably 2 only (if your server can handle it).


-> Go to Connection > SSH > Tunnels. In the Source port box, enter 127.0.0.1:8080. Leave destination blank. Set the tunnel type to Dynamic and click Add.

-> On the left, go to Session and click Save, then click Open.

-> The first time you connect, you will be prompted to accept the SSH encryption key; do so. You will then be asked for a username and password.

-> Minimize PuTTY and open Firefox, then go to Tools > Options > Advanced > Network > Settings.  Select Manual proxy configuration. Set the SOCKS Host IP address and Port to 127.0.0.1 and 8080 respectively.  Make sure that there is nothing in No Proxy for: (at least not 127.0.0.1 or localhost).


Congratulations, you are now tunneled through a secure SSH session. All sites should be available.  Keep in mind, your Internet experience will be a bit slower, depending on your home ISP connection speed.  Putty can tunnel any traffic, really. I have it tunneling IMAP, SMTP, and RDP traffic as well.

As an added level of security, you can make Firefox do its DNS lookups through the SOCKS proxy you set up. That way your DNS requests won’t be cached on the public WiFi’s DNS server, and it also gets around DNS entries that some particularly restrictive network administrators set to localhost for certain web sites they don’t want you to go to.

To enable this option, open Firefox and type about:config in the address bar. In the filter box, type socks. Set the network.proxy.socks_remote_dns option to true. If it is not listed, right click, pick New -> Boolean, name it “network.proxy.socks_remote_dns” and set it to true.
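What remote DNS looks like on the wire, as an added example that is not part of the original post: a SOCKS5 CONNECT request with address type 0x03 hands the hostname itself to the proxy, so the name is resolved at the SSH server's end of the tunnel rather than on the local network. The script assumes the dynamic tunnel from the steps above is listening on 127.0.0.1:8080; example.com is a placeholder destination.

```python
import socket
import struct

def build_connect(host: str, port: int) -> bytes:
    """SOCKS5 CONNECT request carrying the hostname itself (ATYP 0x03),
    so the name is resolved at the far end of the tunnel, not locally."""
    name = host.encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("hostname must be 1-255 bytes")
    # VER=5, CMD=1 (CONNECT), RSV=0, ATYP=3 (domain name), LEN, NAME, PORT
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack("!H", port)

def recv_exact(sock: socket.socket, n: int) -> bytes:
    """Read exactly n bytes or raise if the peer closes first."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection early")
        buf += chunk
    return buf

def check_tunnel(dest_host, dest_port=80, proxy=("127.0.0.1", 8080), timeout=10.0):
    """Return True if the SOCKS5 listener accepts a CONNECT by hostname."""
    with socket.create_connection(proxy, timeout=timeout) as s:
        s.sendall(b"\x05\x01\x00")        # greeting: offer "no authentication" only
        if recv_exact(s, 2) != b"\x05\x00":
            return False                  # not SOCKS5, or the proxy wants auth
        s.sendall(build_connect(dest_host, dest_port))
        reply = recv_exact(s, 4)          # VER, REP, RSV, ATYP
        return reply[0] == 5 and reply[1] == 0   # REP 0x00 = succeeded

if __name__ == "__main__":
    # Assumed values: the tunnel from this guide and a placeholder destination.
    ok = check_tunnel("example.com", 80)
    print("tunnel accepted the hostname" if ok else "tunnel refused the request")
```

If this succeeds while a packet capture on the WiFi interface shows no DNS query for the destination name, lookups are going through the tunnel.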


You can also set up PuTTY to forward other ports. For instance, you may want to use Remote Desktop to connect to your XP box, or VNC to connect to your Mac.

Under the Tunnels portion, add local port 3390 and destination IP:3389, then open Remote Desktop (Start > Run, mstsc) and type in 127.0.0.1:3390. This will forward to your remote port 3389 and you are connected!

Same thing for VNC – use a different port than the default – Local Port: 5901 to Dest. IP:5900

Notice I have two VNC connections – using two different local port #’s but the same dest port # – as long as the IP is different on the dest. side, it works!

I hope this is useful.  Feel free to comment on how you use putty!
