Using Your Server as a Proxy Browser

 

English: Illustrated concept of a proxy server...

Your IP address is stored by almost every online service you might visit. Is this always a good thing? Certainly not! Why would you think that? Big Brother is bad enough, but once Big Sister gets ahold of your information, she will share it with the whole family (she’s well-intentioned but, sadly, does not always prioritize your privacy).

You may want to use proxy browsing for such tasks as online banking, consultancy, or sales. We’ll get into other reasons it might be a valuable idea for you to consider. Surfing the Web undetected is something every superhero desires and some can implement without even trying (those whose superpower includes online invisibility). Even if you can’t be immediately invisible when you roll out of bed – which is incredibly frightening to your pets if you can anyway – you can become kinda-sorta invisible by using your server as a proxy to browse the Web.

Essentially what this allows is your IP to be concealed, making it look like your IP is located somewhere across the globe, such as the Kremlin or an Internet café at a Buddhist monastery in the Himalayas.

The below information details how proxy browsing via a server can be achieved. My sources were a piece on Wired by Jack Donovan, instructions from Yale University IT, one by Benny Taylor for Salon, and a James Bruce piece for Make Use Of . I will discuss proxy access generally, why it might make sense, ways to use proxies and configurations, directions for the major browsers, and the SSH tunneling method.

Proxies – You Have Access

Note that you can use a proxy browser regardless if you have a hosting company, as per instructions from Jack’s Wired article. Obviously your own server via your hosting service, or your own in-house server, is preferable because you understand the company’s security credentials and you’re keeping everything contained within your current networking environment.

However, options are available for access to all. The servers you can use are publicly available, posted to Google freshly each day, just like soup (note that unlike soup-of-the-day, the proxies are unavailable in chowder form except at an additional cost). Wherever you are getting the server information, either from your own system, the hosting company, or online, what you need is this configuration of numbers to input into your browser of choice: XXX.XX.XX.XXX:XXXX.

You can either look up a proxy list through a search engine or go straight to this site. Do not opt for transparent options, and you don’t need to enter additional details the browser requests if you don’t have them: the IP address is sufficient. Also note that the proxy can be anywhere, though most people choose to operate directly out of the Pentagon so they can send some international peacekeeping tweets (how wars are won in the digital age).

Why Use a Proxy

Benny’s article for Salon mentioned several additional benefits of operating via a proxy. You can block employee access to specific websites (hurray!), log schedules of employee Internet usage (“What’s your obsession with the WWW, Horowitz?”), and get a better sense of where employees are going on the Web (“Monster.com? C’mon, Horowitz”).

Depending on the service and where it is installed, you can achieve a degree of online anonymity and look at websites that are typically inaccessible to outsiders. Benny specifically references the fact that people all over the world are able to use proxies based in the US to reach websites and materials censored in their home countries. Individuals using a proxy server for these reasons should check their nation’s laws to be aware of any they might be breaking (for example, in Guatemala, looking at a picture of a naked lady is considered third-degree manslaughter).

Also, note that SSH tunneling (described a few sections down) can be useful if you are unable to access common proxy sites due to restrictions in place in your country. Again, be aware that you are probably going beyond the bounds of laws in these cases. Also, put down the joint.

Ways to Use Proxies & Configuration

Benny also discusses the use of proxy browsing through one’s own server via software or a separate piece of hardware with the software pre-installed for use. Also note that hardware firewall solutions sometimes are configured to allow proxy server usage by default. Finally, you can subscribe to software as a service (SaaS) proxy capability. This last option allows you to externalize the operations to a third party, like we do with our garments (around these parts, mama no longer knits in the evenings … stop proving me wrong, mama!).

You will typically be able to pre-fetch (a.k.a. cache) Web data for easy access. There is also generally functionality to filter the data and monitor on a broad or case-by-case basis. Each individual device throughout your network will need to be configured to connect to the Web through the proxy. All interactivity with the Web will then flow through that server, on which you can place whatever parameters you like (lack of access to certain websites, mandatory corn chowder specials, etc.). If you do decide to take up the SaaS option, then it may become necessary to draw up a legal contract with the assistance of SaaS Legal Services. This is so that both you and the provider know the clear boundaries of your agreement and details of the service being provided.

You also need to prevent all of the networked devices to disallow individual users from bypassing the server at any point. For legal purposes and also so that everyone understands the guidelines in place, issue a detailed description of what the proxy is doing – what data is gathering and in what ways you’re analyzing it (while stroking your beard, for instance).

Directions for the Major Browsers

Here are the directions from Yale IT on how to configure individual browsers to operate as proxies. These directions may be unnecessary if you have attained proxy software (as discussed above), and the software is integrated with your primary browser. The below is the standard manual solution – all you will need is the IP address, and desirably the port and SSL information, related to the server you’re using. Additionally you will need one large can of tomato paste, six dozen popsicle sticks, a Bunsen burner, and unwieldy scientific passion.

Mozilla Firefox:

  1. Open Firefox.
  2. On a Windows PC, go to Tools > Options. On a Mac, go to Firefox > Preferences.
  3. Enter the Advanced section and Network subsection.
  4. Go to Settings (which is positioned adjacent to “Connection: Configure …”)
  5. Choose Manual Proxy Configuration.
  6. Enter your Proxy credentials you have obtained next to HTTP Proxy. This is the IP address in the format XXX.XX.XX.XXX:XXXX.
  7. If you have port and/or SSL information, enter it. If not, per Wired, don’t worry about it.
  8. Enter OK on Windows, or Apply on Mac. Do this until all windows you have entered are closed, and you’re back to the original browser screen.
  9. You’ve done it. You can now get right to infiltrating NASA and redesigning the International Space Station’s spacious, open-air arboretum.

Internet Explorer:

  1. Open IE. Go to Tools > Options.
  2. Enter the Connections section.
  3. If you are using dial-up or standalone DSL (as is typical when accessing through a home connection), enter Dialup Settings.
  4. Click on the profile through which you connect to the Internet. Go to Settings.
  5. If you are using a Local Area Network (LAN), DSL router, or cable modem, enter LAN settings. Mark the checkbox under Proxy Server entitled “Use a Proxy Server.”
  6. Go to the Advanced window.
  7. In the text box adjacent to HTTP, enter the IP address specific to your server (or the public server IP you attained online) under Proxy Address to Use.
  8. If you have port and/or SSL information, enter it. If not, per Wired, don’t worry about it.
  9. Enter OK. Do this until all windows you have entered are closed, and you’re back to the original browser screen.
  10. You’ve done it. You can now send out your tweets to the Taliban from the Department of Defense (“@Taliban, please tone down the anger in your hate mail. #DODepression”).

Safari:

  1. Open Safari. Go to Safari > Preferences.
  2. Click on Advanced.
  3. Next to Proxies, enter Change Settings.
  4. Look under Show, and you should see the parameters with which you’re connecting.
  5. Click the checkbox adjacent to Web Proxy (HTTP). Enter the IP address specific to your server (or the public server IP you attained online) in the first text box.
  6. If you have port and/or SSL information, enter it. If not, per Wired, don’t worry about it.
  7. Enter Apply. Do this until all windows you have entered are closed, and you’re back to the original browser screen.
  8. You’ve done it. You can now surreptitiously sell your overpriced religious holiday baubles to the people of North Korea.

The SSH Tunneling Method

James Bruce’s article in Make Use Of focuses specifically on the SSH tunneling method to use a dedicated or virtual private server (VPS) as a proxy. This method, because it uses SSH, is typically inaccessible to those in shared hosting environments. However, if you search the support pages for your shared account, you may find it is possible.

** Word of warning: Remember at all times that this traffic still funnels directly through your hosting account (ie, it’s not fully anonymous); plus, it uses bandwidth, so if you have limitations, you don’t want to go overboard using it as a proxy.

Windows

  1. Download software to allow you to communicate via SSH. James suggests Putty and uses it for demonstration, so I will too. Note that Silly Putty can also be used for this purpose – much less effectively, but nonetheless, hilariously.
  2. When Putty asks for a domain, do not use your root account. Use any domain that is SSH-enabled.
  3. Click on SSH in the sidebar at left and ensure that “Enable compression” is checked.
  4. Expand SSH, and you will see “Tunnels.” Source Port should be 9090 and destination should be Dynamic.
  5. Return to the Sessions screen (at top on sidebar).
  6. Give a name to your settings and save it so that you can use them in the future.
  7. Click Open. Username and password cannot be saved, and you may find it difficult to enter your password. You also may need to ignore windows that pop up re: authentication (per James).
  8. Move onto your browser configuration as described below.
  9. Give a high-five to each of your six unpaid college interns.

Linux / OsX

  1. Enter the following command into a terminal: ssh -C2qTnN -D 9090 username@yourdomain.com.
  2. Supply your password.
  3. Move onto your browser configuration as described below.
  4. Give one low-five, to your Intern of the Week.

Change the Connection > Proxy to SOCK S5. The URL should be localhost, and the port should be 9090. If you need further instructions, you can visit James’ article here and search for “configuring the browser.” It gives instructions specific to FF and IE, as well as how to implement system-wide on Linux or OsX.

Summary

I’ve explained proxies generally, why to use them and ways to use and configure them, directions for the major browsers, and the alternate SSH tunneling method. Be careful, guys and gals. It’s a scary world out there. WWJD (“What Would Julian Assange Do?”) may not always be the best policy.

by Kent Roberts and Richard Norwood