Re: HTTP tunneling to bypass proxy filter

Date: Tue, 22 Apr 2008 21:51:28 -0400
all from a usb thumb drive:

first flash your home linksys router with dd-wrt
configure to use .key auth

create key

configure port forwarding on putty, let's use dynamic port 1000

from your thumb drive launch portable putty and connect via ssh over port 443

configure portable firefox to connect using socks on port ??? well
1000 of course

create a bat.file:
   plink.exe -switch to use putty session
   firefox.exe


if all is configured correctly,

you will have established a tunnel on 443 to your newly flashed home router

then you will have tunneled firefox over port 1000 via plink.exe

all cookies and session info is on your thumbdrive not your pc.



how do you stop it?

application layer inspection.

look for ssh protocol that is !22

On Tue, Apr 22, 2008 at 6:12 PM, Francisco Neira Basso
<fneira@defensoria.gob.pe> wrote:


Siddharth Upmanyu wrote:
The firm I work with have recently upgraded their web content
filtering system... earlier it was a weak DNS filtering but now
various new measures and a shining websense installation...

I am doing a similar test on possibilities to gain unrestricted access
to internet bypassing all the content filtering mechanism...

HTTPtunnelV3.3 was an option to test but your home grown solution is
sounding even better to test with..

Siddharth


Another option to test (and to keep users away from) is TOR.
http://www.torproject.org/index.html.en

HTH,

--
Francisco Neira B.
Seguridad de la Informacion
Defensoria del Pueblo
Lima, Peru  -05:00 UTC




-- 
-p1g
SnortCP, ESSE-D, C|HFI, TNCP, TECP, NACP, A+
 ,,__
o" )~ oink oink
 ' ' ' '

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
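
The check named in the message above ("look for ssh protocol that is !22"), as an added example that is not part of the original post: it matches the SSH identification string from RFC 4253 at the start of a TCP stream and reports flows where it appears on a port other than 22. The `Flow` record, the function names and the sample flows are assumptions constructed for illustration.

```python
import re
from typing import NamedTuple

# RFC 4253 section 4.2: both peers open with "SSH-protoversion-softwareversion".
SSH_IDENT = re.compile(rb"^SSH-(?:1\.\d+|2\.0)-[\x21-\x7e]+", re.MULTILINE)


class Flow(NamedTuple):
    src: str
    dst: str
    dport: int
    first_bytes: bytes  # start of the reassembled TCP payload, either direction


def is_ssh_banner(data: bytes) -> bool:
    # A server may send other text lines before its identification string,
    # so match at any line start within the first 1 KiB, not only offset 0.
    return SSH_IDENT.search(data[:1024]) is not None


def ssh_off_port(flows, allowed_ports=frozenset({22})):
    """Return flows that speak SSH on a port where SSH is not expected."""
    return [f for f in flows
            if f.dport not in allowed_ports and is_ssh_banner(f.first_bytes)]


# Constructed sample flows (documentation address ranges, made-up banners).
SAMPLE_FLOWS = [
    Flow("10.0.0.5", "203.0.113.10", 443, b"SSH-2.0-PuTTY_Release_0.60\r\n"),
    # First bytes of a TLS ClientHello: what tcp/443 normally carries.
    Flow("10.0.0.6", "198.51.100.7", 443, b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b\x03\x01"),
    Flow("10.0.0.7", "192.0.2.20", 22, b"SSH-2.0-OpenSSH_4.7\r\n"),
    Flow("10.0.0.8", "192.0.2.30", 80, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    # Server that prints a text line before its identification string.
    Flow("10.0.0.9", "203.0.113.44", 8080, b"Authorized use only\r\nSSH-2.0-dropbear_0.50\r\n"),
]

if __name__ == "__main__":
    for f in ssh_off_port(SAMPLE_FLOWS):
        print(f"ALERT ssh on tcp/{f.dport}: {f.src} -> {f.dst}")
```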
