UnblockInternetwithFreeSShTunnel

http://opotoiki.com Hello,thankyouforreadmyebook. Tags:unblockinternet,unblockfirewall,bypassinternet,bypassfirewall,unblockfacebook, unblockgoogle,unblocktwitter,anonymousbrowsing,safebrowsing,freesshaccount,ssh tunnel.

Introduction
Asecureshell(SSH)tunnelconsistsofanencryptedtunnelcreatedthroughaSSHprotocol connection. Users may set up SSH tunnels to transfer unencrypted traffic over a network through an encrypted channel. For example, Microsoft Windows machines can share files using the Server Message Block (SMB) protocol, a nonencrypted protocol. If one were to mountaMicrosoftWindowsfilesystemremotelythroughtheInternet,someonesnooping ontheconnectioncouldseetransferredfiles.TomounttheWindowsfilesystemsecurely, onecanestablishaSSHtunnelthatroutesallSMBtraffictotheremotefileserverthrough an encrypted channel. Even though the SMB protocol itself contains no encryption, the encryptedSSHchannelthroughwhichittravelsofferssecurity. TosetupanSSHtunnel,oneconfiguresanSSHclienttoforwardaspecifiedlocalporttoa port on the remote machine. Once the SSH tunnel has been established, the user can connect to the specified local port to access the network service. The local port need not havethesameportnumberastheremoteport. SSHtunnelsprovideameanstobypassfirewallsthatprohibitcertainInternetservicesso longasasiteallowsoutgoingconnections.Forexample,anorganizationmayprohibitauser from accessing Internet web pages (port 80) directly without passing through the organization'sproxyfilter(whichprovidestheorganizationwithameansofmonitoringand controllingwhattheuserseesthroughtheweb).Butusersmaynotwishtohavetheirweb traffic monitored or blocked by the organization's proxy filter. If users can connect to an external SSH server, they can create a SSH tunnel to forward a given port on their local machinetoport80onaremotewebserver.Toaccesstheremotewebserver,userswould pointtheirbrowsertothelocalportathttp://localhost/. SomeSSHclientssupportdynamicportforwardingthatallowstheusertocreateaSOCKS 4/5proxy.InthiscaseuserscanconfiguretheirapplicationstousetheirlocalSOCKSproxy server. This gives more flexibility than creatinga SSH tunnel to a single port as previously described.SOCKScanfreetheuserfromthelimitationsofconnectingonlytoapredefined remoteportandserver.Ifanapplicationdoesn'tsupportSOCKS,onecanusea"socksifier" toredirecttheapplicationtothelocalSOCKSproxyserver.Some"socksifiers"supportSSH directly,thusavoidingtheneedforaSSHclient.

WhatisSSHtunnelling? Therearemanyoccasionsinwhichitisusefultoaccessresourcesandservicesonyour corporateorschoolnetworkremotely.Usuallyafirewallisconfiguredwhichwillstopfree accessfromthewholeInternettoyournetwork.ANetManagerprovidessecurefirewalling bydefaultmeaningthatallservicesareprotectedfromaccessbytheoutsideworld.You mayopenupaccesstoindividualservicesasyouseefit.Toconnecttoaserviceonyour NetManager,youneedtoconfigureyourclient(e.g.webbrowser,emailclient)tousethe externalIPaddressofyourNetManager.Thisapproachhasanumberofdrawbacks:

Accesstoserviceisopentoeveryoneunlessthefirewallismanuallyconfigured. Serviceswhicharedesignedtobeonlyavailableinternallywilleithernotbe accessible(e.g.webbasedNetManageradministration)orrequireportmapping. SomeInternetconnections(notablysomeLEAs)willnotgiveyouopenaccessand thusevenifyouopenupaccesstoaspecificservice,itmaybeblockedbyyourISP. AlldatatransferredacrosstheInternetbetweenyourhomecomputerandyour NetManagercanbeeavesdroppedupon.Thismakesitpossibleforotherstosee yourpasswordsandothersensitiveinformation. Thereisnopossibilitytocompresstraffic.

SSHtunnellingallowsyoutocreateanencryptedconnectionbetweenyourlocalmachine (e.g.yourhomePC)andtheNetManagerattheremotesite.Overthissingleconnection, youcanrunmultipleotherconnections(e.g.webbrowsing,email).YouconfigureyourSSH clientsoftware(PuTTYintheseinstructions)onyourlocalmachinetolistenforincoming connectionsonspecifiedportnumbers.Connectionstoanyconfiguredportswillbesent acrosstheSSHtunneltotheNetManager.AtthefarendofthetunneltheNetManagerthen forwardstherequestsontospecifiedmachinesandportnumbers.Boththelocaland remoteendsoftheconnectionarespecifiedinyourSSHclientsoftware,i.e.thereisno configurationrequiredontheNetManager. Figure1belowdemonstratesthedifferencebetweenopeningupyourfirewallandaccessing protocolsdirectlyasopposedtocreatinganSSHtunneltodothesamething.Thediagramis usingtheNetManager'swebserverasanexample.

ConfiguringanSSHtunnelusingPuTTYforWindows
1. Getsshaccountfortunnelincludetoolsfromthislink 2. Runputty 3. Onthewindowthatappears(showninFigure2below)selecttheSSHprotocoland entertheaddresssshserveripthatyouget(e.gtun.opotoiki.com)

4. Ontheconnectionoptionchangesecondbetweenkeepalivesto5andcheckbox enableTCPkeepalives

5. Onthedataoptiontypeautologinusernamethatyougetfromhttp://opotoiki.com

6. OntheSSHoptioncheckenablecompressiontosavebandwidth

7. Onthetunnelsoptionentertheportnumberyoulikefordynamicoptionandklik Add

8. Settingyourbrowseroption(IE,Firefox,Chrome,Konqueror,etc)tousesockproxy 127.0.0.1withportthatyousetinputtytunnelsoption(e.g2877) Exampleforfirefoxbrowseroption>option>advanced>network>settings

ForInternetExplorer Tools(Alt+x)>Internetoption>Connections>LANSettings>checkuseaproxy serverforyourLAN>Advanced>enteripandportinsocksproxyonly 9. Backtothesessionoptionandsavesettingoptionwithnameyoulike,andclickopen

10. Terminalwindowwillappearandjusttypethepasswordyouhave(whenyoutypethe passwordanddoesnotshowanything,justcontinuethisnormal)>enter>willshowyou Shellaccessisnotenabledonyouraccount! Ifyouneedshellaccesspleasecontactsupport. Thatisok,nowyoucanbrowsehttp://opotoiki.com,andyouwillseeyouriphas

changed. Writer icang@opotoiki.com References http://oldsite.precedence.co.uk/nc/putty.html http://en.wikipedia.org/wiki/Tunneling_protocol