Overview

The objective is to encrypt your network traffic so it can not be read as it passes through over employer or school's network. To do this, we will; Run an SSH server on your computer at home. Use an SSH client on your computer at work to create a secure tunnel between your home and work computers. Enable Dynamic Forwarding in the SSH client to simulate a SOCKS Proxy. Configure Internet Explorer to use a SOCKS Proxy for network traffic instead of connecting directly. After this is all setup, the process for browsing a website will be as follows. Internet Explorer at work connects to the SSH client running on your computer at work. The SSH client connects to the SSH server running on your computer at home. Internet Exlorer will make requests for websites using the SOCKS protocol, which SSH will intercept and handle for you. Thus, the SSH server talks to the website and returns the web page to the SSH client. The SSH client returns the web page to Internet Explorer. In essence, you are tricking Internet Explorer into thinking you have a proxy server running on your local machine, when in fact the proxy is running on your computer at home. Since all communication over your work network takes place through SSH, it can not be read. The SSH traffic CAN be seen or detected, but it will look like a garbled mess of letters and numbers. Other than being a little slower than usual, you shouldn't notice any difference when surfing the web when using the secure method. Some people that are familiar with SSH and may be asking, "How can Internet Explorer talk to SSH?". Well, SSH has a great little function called Connection Forwarding. You setup SSH to accept TCP connections on a port and forward them to a port on another computer. SSH takes ALL the network traffic on that port, wraps it in a secure package, and forwards it somewhere else. I refer to this as a "shunnel"; a secure tunnel. The other trick to this setup is the Dynamic Port Forwarding. Newer versions of SSH can emulate a SOCKS proxy server. A SOCKS Proxy server is a server that acts like a "middleman." It accepts requests from a client, and connects to the target server on your behalf. Take a look at these links on Webopedia for a little more information; SOCKS Proxy

Audience

This guide is written for a moderately skilled computer user. You MUST know how to install programs on your computer, how to navigate file systems, and how to edit configuration files. A knowledge of "how the Internet works", like TCP, sockets, ports, HTTP, and other network protocols would be extremely helpful.