It drives me crazy when I have to work at client sites and they have a web proxy like Websense set up that keeps me from doing my job. Don't get me wrong -- a tool like Websense is probably necessary for a lot of reasons, especially in larger organizations -- but on the flip side, a lot of technical blogs that I use as resources end up being blocked by Websense, and that "Blocked by Websense" message drives me nuts.
At my last job my own business webmail server was blocked by Websense, so I went to my employer and said "Listen, I really need to be able to read my other business email while I work here. Can you configure Websense to let me get to my site, or do you mind if I set up an SSH tunnel so I can get to my webmail?" As it turns out, that conversation led to this tutorial.
So, getting this point out of the way -- I don't recommend doing anything illegal to bypass or defeat Websense, and it's certainly not something you want to lose your job over -- let's get down to work. In this tutorial I'll demonstrate how I use Putty on Microsoft Windows computers to create an SSH tunnel that I can use as a SOCKS proxy with the Firefox web browser. Yes, this technique helps me bypass Websense when I need to (with the approval of my surpervisors), but it also secures my web browsing by encrypting the traffic between web browser and the remote web sites that I'm connecting to. That benefit of this technique is also great when you're on any public WiFi network.
Step 1: What you'll need before starting
As mentioned, you're going to need a couple of things in order to create an SSH tunnel that you can use as a Firefox SOCKS proxy. Here's a short list of things you'll need:
- A remote server you can connect to using SSH. This is typically a remote Unix or Linux server that supports SSH logins.
- Your organization will need to let you connect to that site using SSH. By default SSH runs on port 22, so your organization will need to let you out on port 22.
- (Actually, if using port 22 is a problem for you, I think it's possible to configure SSH on any port, like port 80 (normally used for HTTP) or port 443 (normally used for HTTPS), so the need to use port 22 may not be that hard and fast. But, I haven't tried this yet.)
- The Putty software, which you can download for free.
Once you have all those things in place we're ready to get started.
Step 2: Downloading and installing Putty
This step is easy. Just browse to the official Putty website, and download the putty.exe
executable file. On Windows I normally put this file in a directory I've named C:\bin
, but you can put it in any directory you like. As of this writing there is no installation process -- just download it, drop it in a folder, and it's ready to be used.