Friday, October 6th, 2006...9:29 pm

Defeating Firewalls with Putty and SSH

Jump to Comments

Once in a while we all get stuck behind a firewall and just have to get around it. You could use one of the many anonymizer web browsing sites which is most likely blocked or use some random proxy in Eastern Europe that features a totally leet 476 ms ping. Or if you have an SSH account somewhere (like your webhost — dummy) you can do some SSH tunneling voodoo to go wherever the hell you want.

Requirements: Putty, an SSH Account like one that comes with most web hosting plans.

The short and sweet explanation:

open up a command prompt, run putty -D 8080

Log-in to your account at yourhost

Point your proxy to localhost port 8080 (SOCKS v5)

You’re good to go, the only catch is you must stay logged in in the putty window to use the proxy.

The detailed explanation:

First download putty if you don’t already have it. You really only need putty.exe however the other tools in the putty suite are nice tools to have in your toolbox.

Next open up a dos prompt and navigate to whatever directory you put putty.exe in, c:\putty for me. Once you’re there, type: putty -D 8080 where is the hostname or ip address of your SSH account. This will cause a putty window to open up, simply login like usual. Keep this window open.

Now open up firefox or IE and change your proxy. In Firefox go to Tools->Options->Connection Settings click Manual proxy configuration and in the box to where it says SOCKS Host type in localhost , for the port enter 8080 and select the Socks v5 radio button. If you use IE and want to configure a proxy, figure it out yourself know it all!

That’s it,as long as you stay logged in to the SSH account you can browse the web. All traffic is now encrypted so you can head over to myspace and write another omg thnx for the add XD !!!11 comment.

If you need to switch between using no proxy and using your new proxy, consider installing the Switch Proxy Extension for firefox, it allows you to switch proxies quickly using the status bar.


  • Some quick tips: If you have root on your remote host, you can run ssh on port 443. As SSL traffic cannot be proxied, you can pass-through most firewalls. (This implies you’re not running HTTPS on your remote host.)

    You can also use “plink” (get from the same place as “putty”) to open a session without opening a shell to your remote host.

    You can also use pageant to automate public-key auth.

  • […] This works without paying for an and setting up SSH or some other nefarious means (lol). Although these work, they may not be free, and they may not be legal. […]

  • For the record, this does NOT work from within Military networks. You can get out, but the network admins will come a callin’. With MPs. And guns.

Leave a Reply