[Nottingham] Web browsing through SSH tunnel
Camilo Mesias
camilo at mesias.co.uk
Wed Oct 29 00:44:46 UTC 2008
Danny
> If I'm running a web proxy that uses a SSH tunnel from localhost to a
> computer somewhere else on the Internet, can my network overlords spy
> on me? Can anyone else spy on me? Could a local user on localhost spy
> on me?
Sort of.
The network admins could notice that you are sending/receiving a lot
of data on a ssh connection to that computer somewhere else, and what
the usage pattern is.
Other users on localhost could use ps to see what your ssh command is,
possibly finding out the local port you are using. A privileged local
user would be able to sniff your unencrypted web traffic on that port.
(try it as root, eg. tcpdump -A -s 0 -i lo port 8080). The same
applies to other users on the remote computer. There even unprivileged
users might be able to see what sites you are surfing by using
netstat or similar commands.
-Cam
More information about the Nottingham
mailing list