Author Topic: My journey in Proxying and Secure Connection  (Read 2483 times)

0 Members and 1 Guest are viewing this topic.

My journey in Proxying and Secure Connection

« on: June 17, 2013, 11:50:04 AM »
  • Thank You
  • -Given: 0
  • -Receive: 2
  • Phydeux

    Posts: 553
    User Rating: +179/-3
    Rom Developer -- Network Admin -- Forum Admin
    Offline
    • VIP Member
    • *
    • Hero Member
    • Personal Text
      Let me know. I appreciate help.
    I maintain the networks of AndroidArea51 servers in many locations and addresses all over the US. And, I'm REAL CHEAP, and HATE large configuration sessions just to do simple things. I "grew up" in Linux with Slackware, so the cli (command line interface) doesn't bother me at all, but if a GUI is there, I want to be able to use that, too.

    I also need to be "secure" so nobody (Except the NSA probably) can 'read' the data I send. I want an encrypted connection, "jumbled" up from my device to the server, all the way. And, sometimes, I need to run apps the same way.

    How? I use the simplest and cheapest route possible. There is TOR (The Onion Router), designed to be secure. But, with all the "hopping" it does all over the world, the connection can be a flaky at times. Also, our irc servers specifically ban TOR connections. So, that's no good. Plus, I'm cheap, and free is always good, so paid VPN services/etc, are just too much.

    So, I use ssh. It is secure (encrypted from the device all the way to the server), and the only data that can be read is the header information, which says "ssh", and the TTL is started from the device itself, so it's all the same.

    ssh can be setup with port forwarding, so it can be a real cheap, real easy, Proxy connection (called ssh tunneling). Used in conjunction with an app on my phone called ProxyDroid, ALL data from my phone can be "fed" thru this ssh tunnel (using port forwarding and socks5), and can thus use other apps to administer the servers, or even use this as a 'full proxy' to go to the other servers, and they all think it's from the first one I ssh into.

    All the data sent, as far as anybody looking at it, is all 'ssh', no other apps/programs/headers show.

    Does it work for EVERYTHING, even if ProxyDroid is set as "Global Proxy"? No. Some apps just bypass the proxy anyway. Most of those are in the "need root to use" catagory, and have something to do with data over the network. Some of those, however, work great, some not at all. You have to test and see for yourself.

    Another advantage to this method is if the network you're connected to won't let you access irc for example (When my daughter had my grandson, for example, the hospital WiFi didn't allow irc connections. So, I ssh'd into my 'proxy server', and tunneled the irc app thru the tunnel, and was able to use irc)

    There are TONS of ssh tunneling howto's out there on the web if you're interested in this. Just google "ssh tunnel android", and read and learn.

    • Custom
    • Samsung Galaxy Exhilarate i577
    • Clock Work Mod
    • AreaRom X
    • Rooted-Rom
    Donations are appreciated!

    Phydeux's PayPal email:
    You are not allowed to view links. Register or Login

    AndroidArea51 PayPal email:
    You are not allowed to view links. Register or Login




    Re: My journey in Proxying and Secure Connection

    « Reply #1 on: June 17, 2013, 01:36:44 PM »
  • Thank You
  • -Given: 0
  • -Receive: 1
  • treyonator56

    Posts: 222
    User Rating: +14/-1
    Offline
    • VIP Member
    • *
    • Sr. Member
    Privoxy and tor is a good combination ;)

    Sent from my SCH-S720C using Tapatalk 2

    • AK51 Proclaim
    • Samsung Galaxy Proclaim
    • Clock Work Mod
    • AreaRom Proclaim v1.1
    • Rooted-Rom
    Ask me any android related questions. I'll try my best to answer them as well as possible. I'm here to help. :)

    Re: My journey in Proxying and Secure Connection

    « Reply #2 on: June 17, 2013, 02:44:26 PM »
  • Thank You
  • -Given: 0
  • -Receive: 2
  • Phydeux

    Posts: 553
    User Rating: +179/-3
    Rom Developer -- Network Admin -- Forum Admin
    Offline
    • VIP Member
    • *
    • Hero Member
    • Personal Text
      Let me know. I appreciate help.
    Not in combination on a already limited memory phone...
    I usually only have 1-2 MB free...lol.
    ssh and ProxyDroid do perfect. And since I don't need to "bounce" my stuff thru 500+ servers (Since that's 'my' server, who do I care that 'sees' I connect to it?) ssh tunneling does fine.

    My main concern is encrypting the traffic so the only thing 'seen' is "ssh" and the header info is all 'ssh' and ttl says it's only from my device......
    • Custom
    • Samsung Galaxy Exhilarate i577
    • Clock Work Mod
    • AreaRom X
    • Rooted-Rom
    Donations are appreciated!

    Phydeux's PayPal email:
    You are not allowed to view links. Register or Login

    AndroidArea51 PayPal email:
    You are not allowed to view links. Register or Login




    Re: My journey in Proxying and Secure Connection

    « Reply #3 on: June 17, 2013, 03:51:46 PM »
  • Thank You
  • -Given: 0
  • -Receive: 1
  • treyonator56

    Posts: 222
    User Rating: +14/-1
    Offline
    • VIP Member
    • *
    • Sr. Member
    Ah. You could always run a private exit node through tor ;) but you probably can't since memory is a problem. Does ssh work with flash and Javascript as well? Or only through certain apps like tbb and orbot?

    Sent from my SCH-S720C using Tapatalk 2

    • AK51 Proclaim
    • Samsung Galaxy Proclaim
    • Clock Work Mod
    • AreaRom Proclaim v1.1
    • Rooted-Rom
    Ask me any android related questions. I'll try my best to answer them as well as possible. I'm here to help. :)

    Re: My journey in Proxying and Secure Connection

    « Reply #4 on: June 17, 2013, 06:54:48 PM »
  • Thank You
  • -Given: 0
  • -Receive: 2
  • Phydeux

    Posts: 553
    User Rating: +179/-3
    Rom Developer -- Network Admin -- Forum Admin
    Offline
    • VIP Member
    • *
    • Hero Member
    • Personal Text
      Let me know. I appreciate help.
    It's a combination of ssh tunneling and proxydroid, so 99.9 percent of apps can use it.

    You have to setup ProxyDroid to use the Socks5 port you forwarded in ssh , and set it to "Global", so all apps will use it
    • Custom
    • Samsung Galaxy Exhilarate i577
    • Clock Work Mod
    • AreaRom X
    • Rooted-Rom
    Donations are appreciated!

    Phydeux's PayPal email:
    You are not allowed to view links. Register or Login

    AndroidArea51 PayPal email:
    You are not allowed to view links. Register or Login




    Re: My journey in Proxying and Secure Connection

    « Reply #5 on: April 13, 2015, 12:51:00 AM »
  • Thank You
  • -Given: 0
  • -Receive: 0
  • chev

    Posts: 6
    User Rating: +0/-0
    Offline
    • *
    • Jr. Member
      • donotaccept.net
    I highly recommend OpenVPN, with a udp tunnel and AES-128-CBC works great on embedded devices. I only make ssh connections within VPN networks, iptables allows no outside ssh connections, which adds another layer of encryption and ensures nobody will ever break into your server. Create an unprivilieged account for sftp and that's a great way to sync files with your device. If you want secure, you can't beat that setup.
    • Custom
    • Moto E GSM US XT1023 AreaRom'D CM12
    • TWRP
    • AreaRom X
    • n/a

    Tags:
     

    Related Topics

      Subject / Started by Replies Last post
    10 Replies
    4084 Views
    Last post October 15, 2012, 06:50:02 AM
    by prepaidguy9081
    2 Replies
    1595 Views
    Last post July 05, 2013, 09:19:52 AM
    by Quake
    3 Replies
    1674 Views
    Last post April 18, 2014, 09:11:31 PM
    by androiduser123