It is important to hide your true IP address when performing open source research or an investigation so no one is the wiser, but how can you do this? The simple solution is to setup a SSH tunnel and tunnel your traffic through the non attributable system you built. The non attributable VPS is an important tool in any security analysts kit and in this example we will use it for a jump point so we can hide our true location.
Create a script to initiate the SSH tunnel
Let’s start by creating a script to establish the SSH tunnel. For this to work properly you will need a Linux virtual machine on your local host and a Linux VPS at a provider such as Linode. Use VIM or your favorite editor to create a file called tunnel.sh, and insert the following:
VIM tunnel.sh ssh -D 8080 -f -C -q -N <user>@22.214.171.124
Make sure you enter your user name for <user> and your VPS IP address for 126.96.36.199. After saving the file you will need to make it executable. This can be accomplished by changing the files permission:
chmod +x tunnel.sh
Enable the VPS to proxy the SSH tunnel traffic
In the VPS you need to ensure AllowTcpForwarding is enabled in /etc/sshd_config. This is enabled by default in most modern distributions of Linux. To verify just open /etc/sshd_config and find the AllowTcpForwarding option, it should look like this:
It is commented out but the default is yes. If yours is set to “no” you will need to change it to yes and restart sshd using systemctl:
systemctl restart sshd
Configure your browser to use the SSH tunnel
Open Firefox and click on the hamburger icon (three horizontal lines on top of each other) then click on the preferences link. In that tab scroll down until you see the Network Proxy section and click Settings. Here you will select manual proxy configuration and in the SOCKS Host add 127.0.0.1 and set the Port to 8080. Ensure the SOCKS v5 option is selected and scroll down until you see the “Proxy DNS when using SOCKS v5”; check the option box and hit ok.
Open the tunnel and start surfing
To start the tunnel all you have to do is cd to the tunnel.sh script location and execute it:
Then open Firefox and start your research or investigation.
If you have questions feel free to ask them in the comments below. I hope you enjoyed this blog post and the accompanying video, if you did please take a moment and give it a like also consider subscribing to my YouTube channel. I enjoy doing tutorials and how-to’s on cyber security topics and as long as they are popular I’ll keep doing them.