I presented this last night on myDEFCON #17 at 1st Floor, Northam Beach Cafe, Penang. During the past meetings, we’ve discussed and explored the art of wireless sniffing and man in the middle attacks. This is my FREE solution to guard against those attacks.
Packets shouldn’t be travelling unencrypted over the network, especially over WiFi. You can secure yourself from sniffing by using this solution or VPN.
I’ve set up a tunneling server on my old Pentium 3 box. It runs Ubuntu 5.04 base install.
On it I’ve installed
I then added port forwarding on my router to point to my SSHd on port 22. I also enabled my DynDNS on the router so that it automatically updates their NS. With that done, the tunneling server is set.
For the client side, I used PuTTY, a free telnet/SSH client for Windows.
Here is where I define the ports to tunnel. I’ve mapped my localport 1080 and 3128 to my tunneling server. 1080 will point to my socks5 daemon and 3128 to squid.
Once that’s done, you need to set your application’s proxy to point to those ports. To make life easier, use Tunnelier or FreeCap. I do it manually though.
With this solution in place, anyone sniffing within the network will not be able to know what you’re doing. They will only detect an encrypted connection to your tunneling server.
Try it out and let me know how it works for you.
0 comments:
Post a Comment