This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

DNS and ssh tunnelling

0

Hi..I have an ssh server setup at home which I'm using to tunnel from work.I'm mainly just trying to learn I'm not trying to bypass anything at work since I think they could care less and I don't really go anywhere but youtube to listen to songs while I work. but anyway, I know the tunneling is working because my company blocks fedoraforum.org and I can get to it just fine.I'm using Chrome with the proxy switchy installed..I'm using socks5 in switchy. I have putty running and adding dynamic port 5080.so my switchy config looks like this socks host 127.0.0.1 amd port 5080. Now when I capture traffic using wireshark I set up a filter for only DNS but I noticed it still uses the company dns so kind of defeats the purpose since the dns server will know which site I'm trying to go to.. How do I get it to use dns server that my home ssh server uses? one other off thing is that I can't get to intranet sites when switchy (chrome) is set up to use the proxy. any help is appreciated.

asked 04 Aug '11, 06:22

wire149's gravatar image

wire149
1111
accept rate: 0%


One Answer:

2

What you are doing has quite a potential to get you (and your company) into trouble.

The ssh-tunnel undermines whatever security filter was established by your network administrator, for example in a proxy server. While the tunnel certainly is cool it works both ways: Your network at home is probably not as secure as the company net. You have to ask yourself if you really want to provide that potential jump point to your employer?

Your company has a good reason for it's acceptable use policy; they might even had you sign a copy that policy as part of the hiring process. I highly recommend that you observe that policy.

answered 04 Aug '11, 06:53

packethunter's gravatar image

packethunter
2.1k71548
accept rate: 8%

Yeah that's true..I was jut curious and trying to learn this stuff..BTW seems like fireproxy worked for me.think it's just chrome switchy is not working..btw how do I view packets only going through the tunnel?

(04 Aug '11, 07:31) wire149

I'd still like to know how to just view traffic going to tunnel with some type of filter..do I need to filter for ssh only or port?

(04 Aug '11, 09:30) wire149

@wire149, I'd go with both.

(04 Aug '11, 16:21) helloworld