Secure Browsing from your mobile at Hotspots

Like many of you, my phone/tablet/owner of your life, is great for surfing the web. I get bundled hotspot access with my Home Broadband connection so most places I go either have one of these hotspots or other free wifi.

FREE WIFI!?!? I hear you cry! Everyone loves a bit of free internet, however even from a phone it’s amazingly easy to sniff various things across a network (especially if said hotspot has no security setup: IE Most of them). I was sat in a hotel the other evening and within a few minutes had found various network shares and other holes WITHOUT any forethought or plan to do so. The truth is, some people are arseholes and would happily take advantage of this for a few giggles. Some sad fucks even sit near INSERT GENERIC COFFEE SHOP here just to sniff what people are sending via the open Wireless.

So where am I taking this? It’s first a Public service announcement that probably extends to many things. Be aware of your surroundings and don’t just connect to Wireless points willy nilly. Secondly, if you do start plugging your phone into random wireless networks then use some protection 😉 Told you it would extend to other areas 😛

So here is my little guide for hiding your browsing and DNS searches while connected to a wireless hotspot.

You are going to need a machine at home or a virtual server in the cloud that is going to act as your SSH Server. I am going to assume you have an SSH Server setup already.

More information on SSH can be found here. This guide won’t be covering the setup of an SSH Server but most linux OS have it installed and you can even install one for windows. Tech Republic have a guide here

Things to install on your Android Device
– An SSH client, I personally use “ConnectBot”
– Firefox Browser, there is a good reason for this.

Let’s start with Connectbot
-Ensure you can connect to your SSH normally without any other settings. This gives us a “Hey, it works and I haven’t broken shit!”
-Is it working? Great. Have a cookie!
-Now we need to sort out a port Forward for the SSH. In Connectbot, click EDIT PORT FORWARDS
-We are going to be adding a DYNAMIC Port. I usually stick this far out of the way of any other port I am using. For this example lets say port 9999
-Give you Port forward any Nickname, set the type to DYNAMIC (SOCKS) and in this example the Source port to 9999.
-Now when you connect to your SSH Server, the address localhost:9999 is being forwarded to your SSH server via your SSH Tunnel. Once you log in you should see confirmation that the port is being forwarded.

So we have a port being forwarded, now what do you actually do with it? This is the reason we have downloaded firefox as some poking around in the config allows us to set a SOCKS Proxy and to send your DNS requests through that tunnel.

– Open Firefox and in the address Bar type “about:config”
– This gives us a rather large set of scary options. We are interested in just a few of them
– In the Search at the top of the screen, type PROXY
– The option “network.proxy.socks” needs to be set to LOCALHOST
– The option “network.proxy.socks_port” need to be whatever you set your Dynamic port to in your SSH Client. In this case it was 9999.
– The option “network.proxy.socks_remote_dns” should be set to true. This forwards any addresses you ask for via the proxy otherwise you will be asking the local hotspot DNS.
– “Network.proxy.type” needs to be set to 1″

With your SSH client disconnected, try and browse with firefox. Doesn’t work huh? This is partly why we downloaded a second browser as the settings stop normal browsing.

Fire up your SSH client ensuring your port forward is enabled then try and browse again. It should now work. Fire up a website that tells your IP, it will be the IP of wherever your SSH Server is located. Try another browser without the socks proxy and you will get your local IP.

Your requests and traffic are now coming from your home/server IP and are hidden from the hotspot you are using. Bonus features include, you can access sites and services on your home LAN if you connected to home and any blocked websites are now bypassed completely.

You can use an SSH client on a PC with firefox to do the exact same thing but don’t blame me if you are bypassing firewalls and get caught! The about config section works for the main PC browser as well.

DISCLAIMER: This guide can be adapted to most devices that can access SSH connections. It will hide your actual browsing and DNS searches but its not a foolproof way to get around work firewalls etc. A decent Sysadmin will see the SSH but not the traffic and instantly assume you are up to no good as your are hiding your traffic.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s