Tunnel through corporate proxy/firewall (Secure)

Data that travels over the air and how to protect (or decipher) it

Tunnel through corporate proxy/firewall (Secure)

Post by djam90 on Thu Apr 28, 2011 1:45 am
([msg=56729]see Tunnel through corporate proxy/firewall (Secure)[/msg])

The Situation
I have a WinXpPro computer at work. It is on a wired network, on a domain. There is a local Kaspersky internet security on the computer, but I can disable it (I know the password for it!). To connect to the internet, Internet Explorer 8 is set up to go through a HTTP proxy on port 80. This proxy also acts as a filter, as bad sites such as facebook are blocked and come up with a custom error message about prohibited content. There is no obvious monitoring software installed. No VNC programs set up. Also, remote access is disabled (right click My Computer, Properties, Remote, Remote Desktop).

The Goal
My goal is to be able to browse blocked websites (such as gmail, which is blocked when hotmail isn't?), and be able to remote desktop to my home PC. I want to do this SECURELY AND SAFELY. I want it to look like I am just web browsing (on their server logs).

I have my computer left on at home. I set up an SSH server on my home PC, listening on port 443. I use the SSH client software puTTy at work, going out on port 443, with the work proxy details put into the proxy section of puTTy. I set up the correct port forwarding to enable external remote desktop (wasn't working before), and also to browse through the tunnel. I did the "what is my ip check", and it shown my home IP address. I browsed to gmail (on a portable version of google chrome), and it loaded. This seems like SUCCESS.

This is a success, BUT, I am unsure how secure or safe it is. I have read, among the hundreds of tutorials on SSH tunneling, that doing it on port 443 is safer as it would just look like SSL traffic. There are a few questions I have regarding this situation:

1) Is it safer to tunnel through port 443, making my tunnel look like SSL traffic?

2) Is it traceable that I have a program called puTTy running at the time?

3) Is it traceable, that I set my IE8 proxy to be a socks 5 proxy instead of the HTTP proxy, and route it through the tunnel on port 443?

4) What will this web browsing and/or remote desktop look like to the IT department?

5) Obviously doing this requires me to leave my high power consuming PC on at home. Are there cheaper alternatives, such as using a dd-wrt router with an SSH server already set up (would this work?)?

6) Any other comments will be greatly appreciated

I have been advised I could use a DNS tunnel, but that these are slower, what do you think about this?

As far as I am aware, this activity is not illegal, although I would be breaching IT policy. But hey, I want my email access and/or remote desktop on bank holidays and lunch time.

I understand this is a long route to go through, when I could just buy a 3g dongle or something.


New User
New User
Posts: 2
Joined: Thu Apr 28, 2011 1:04 am
Blog: View Blog (0)

Re: Tunnel through corporate proxy/firewall (Secure)

Post by Dwere134 on Mon May 09, 2011 5:32 pm
([msg=57187]see Re: Tunnel through corporate proxy/firewall (Secure)[/msg])

I don't know a LOT about this.. though it does sound interesting to me.
However I am pretty sure that as long as you're using their internet connection it will be traceable eventually no matter the precautions you take. I don't have a whole lot more information to help you with and as I'm at work myself at the moment haven't got the time to google it for you and find anything interesting.
But anyway, I look forward to digging up more on this later and anyone else who may have something to add. :)
Dwere (David)
Goatboy wrote:
Dwere wrote:I'm not one to start some branch of religion though. Not my thing.

Of course if you wanted to, you could call it the Davidians!
Experienced User
Experienced User
Posts: 83
Joined: Mon Sep 27, 2010 5:06 pm
Blog: View Blog (0)

Re: Tunnel through corporate proxy/firewall (Secure)

Post by tgoe on Sun May 15, 2011 8:14 pm
([msg=57426]see Re: Tunnel through corporate proxy/firewall (Secure)[/msg])

I came across something pretty interesting the other day. Might be useful:

User avatar
Posts: 715
Joined: Sun Sep 28, 2008 2:33 pm
Location: q3dm7
Blog: View Blog (0)

Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests