Saturday, November 26, 2011

Fun with SOCKS, IPv6 and SSH

This is fun stuff with both IPv6 and SOCKS. And ... the IPv6 is a side effect of the SOCKS ... ;-)

First some info on SOCKS: I thought SOCKS was just some old-skool proxy protocol on corporate networks. But I learned you can also use SOCKS (in ssh) to prevent spying by ISPs, governments and other third paries. Here's how:

You need an external SSH-server (which hopefully does IPv6). There are service providers that offer SSH-server functionality for 15 US$ per year(!). I got my VPS with SSH server from Hexxeh (http://vps.hexxeh.net/) for 5 US$ per month. A bit more expensive, but I wanted a VPS anyway and Hexxeh provides IPv6 (on request).

Now set up a super simple SOCKS proxy server on your Linux system (in my case Ubuntu):


You then need to fill out your password. If your logon is succesful, the local SOCKS proxy is running on port 1080, with its start point on your Linux machine, and its endpoint on the SSH server. So a loooong SOCKS proxy. ;-)
(Attention: stay logged on. As soon as you logout from the SSH session, the SOCKS proxy is gone.)

Now you can point your SOCKS enabled client to localhost and port 1080. I've done this for the webbrowser Chrome (see screendump), and I could browse the web. And suddenly my location had changed to the UK according to http://whatismyipaddress.com/ . And as Hexxeh provides IPv6 (on request), my IPv6 was working according to http://test-ipv6.com/ "Your IPv6 address on the public Internet appears to be 2001:41d0:2:bb58:...".

As my web traffic now goes through an SSH session, I'm quite sure it's encrypted, and it cannot be eavesdropped by my ISP.

Strangely enough, http://www.bbc.co.uk/iplayer/tv thinks I'm NOT in the UK. Maybe the BBC does blacklist IP addresses from (VPS) hosters ... :-(


EDIT: here is a command to check the SOCKS SSH tunnel:


$ sudo netstat -apon  | grep -i ssh | grep tcp
tcp        0      0 127.0.0.1:1080          0.0.0.0:*               LISTEN      8511/ssh         off (0.00/0/0)
tcp        0      0 192.168.1.53:44824      174.41.66.20:22       ESTABLISHED 8511/ssh         keepalive (5957.97/0/0)
tcp6       0      0 ::1:1080                :::*                    LISTEN      8511/ssh         off (0.00/0/0)
$




HTH


Wednesday, November 16, 2011

IPv6 Fun: "defa:ced"

Funny: Fun with IPv6 addresses ... see http://codingrelic.geekhold.com/2011/04/ipv6-addresses-for-fun-and-profit.html

There are much more options than just dead:beef:f00d !

a110:c8ed I allocated an address, just for you.
defa:ced I hate my web designer.
bad:fac:ade Our CSS needs work.
bad:deed Thank you for visiting my site. Really.
be:fa11 As in "what has befallen yon dead server?"
abba:ca:daba Our network is powered by pure magic.
d00:bee Network debugging probably qualifies as "medicinal purposes."
b0:cce:ba11 You know, I only discovered Bocce Ball in my 30s.
5ca1:ab1e Ignore what you see elsewhere, the secret to scalability is in using clever IP addresses.
ca:b0b yummy
fa1:afe1 even more yummy!
b1ab:bed We might need to tighten up our HTML a bit.
bab:b1e We might need to recompress our images a bit.
ba:b00 My sweet baboo!
10ad:ed I bet it has an itchy trigger finger, too.
ba:11ad The entire site is set in iambic pentameter.
a:100f My site doesn't like me.
acc0:1ade Network admins rarely, if ever, hear praise of their work.
aff:ab1e An address for a social networking site if ever I heard one.
ba:ff1e Don't blame me for the contents of this site. The web team reports to a whole different department from the network admins.
ba1:b0a Its the Eye of the Tiger, baby!
ed1:f1ce Look upon my network, ye Mighty, and despair.
5caf:f01d This load balancing tier was intended to be temporary. That was four years ago. Such is the way of things.