Use a SSH tunnel to hide your true IP address

It is important to hide your true IP address when performing open source research or an investigation so no one is the wiser, but how can you do this? The simple solution is to setup a SSH tunnel and tunnel your traffic through the non attributable system you built. The non attributable VPS is an important tool in any security analysts kit and in this example we will use it for a jump point so we can hide our true location.

Create a script to initiate the SSH tunnel

Let’s start by creating a script to establish the SSH tunnel. For this to work properly you will need a Linux virtual machine on your local host and a Linux VPS at a provider such as Linode. Use VIM or your favorite editor to create a file called tunnel.sh, and insert the following:

VIM tunnel.sh
ssh -D 8080 -f -C -q -N <user>@1.2.3.4

Make sure you enter your user name for <user> and your VPS IP address for 1.2.3.4. After saving the file you will need to make it executable. This can be accomplished by changing the files permission:

chmod +x tunnel.sh

Enable the VPS to proxy the SSH tunnel traffic

In the VPS you need to ensure AllowTcpForwarding is enabled in /etc/sshd_config. This is enabled by default in most modern distributions of Linux. To verify just open /etc/sshd_config and find the AllowTcpForwarding option, it should look like this:

#AllowTcpForwarding yes

It is commented out but the default is yes. If yours is set to “no” you will need to change it to yes and restart sshd using systemctl:

systemctl restart sshd

Configure your browser to use the SSH tunnel

Open Firefox and click on the hamburger icon (three horizontal lines on top of each other) then click on the preferences link. In that tab scroll down until you see the Network Proxy section and click Settings. Here you will select manual proxy configuration and in the SOCKS Host add 127.0.0.1 and set the Port to 8080. Ensure the SOCKS v5 option is selected and scroll down until you see the “Proxy DNS when using SOCKS v5”; check the option box and hit ok.

Firefox manual proxy settings to use a ssh tunnel.
Firefox proxy configuration.

Open the tunnel and start surfing

To start the tunnel all you have to do is cd to the tunnel.sh script location and execute it:

./tunnel.sh

Then open Firefox and start your research or investigation.

If you have questions feel free to ask them in the comments below. I hope you enjoyed this blog post and the accompanying video, if you did please take a moment and give it a like also consider subscribing to my YouTube channel. I enjoy doing tutorials and how-to’s on cyber security topics and as long as they are popular I’ll keep doing them.

See ya

References

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.