Personal computing discussed

Moderators: renee, Steel, notfred

 
KPRROK
Gerbil In Training
Topic Author
Posts: 4
Joined: Sat Jan 02, 2010 4:26 am
Location: Lee's Summit, MO (Kansas City)

Proxy needed?

Sat May 22, 2010 12:22 am

Hello everyone...I hope this is the correct forum for my question, it doesn't seem to fit anywhere else very well.

The story: I'm an American currently living in Korea, and I'm getting annoyed that I can't do certain things because of my current residence. Two things I really want to be able to do are buy games from Steam (my account is linked to my US bank account and address) but not all games are available here in Asia. The 2nd thing is get unfiltered access to audible.com content. I can't get any Stephen King, and lots of other books are not available here in Asia.

I think I need a proxy, but I can't find a good tutorial or set of instructions that doesn't sound like an advertisement for whatever page I'm looking at. I need some recommendations from you fine people in helping me figure this out.

1.) Would using a proxy solve those two problems?
2.) Which one do you recommend?
3.) What security issues should I look at?
4.) Anything else?

Thank you for any comments and suggestions.

KPRROK
Jeju, ROK
**********

"Logic breeds superiority."
"Stupidity is everywhere, try not to get any on you if you want to survive."

**********
 
just brew it!
Administrator
Posts: 54500
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Proxy needed?

Sat May 22, 2010 9:40 am

It is actually not difficult to roll your own secure web proxy server, provided you know someone in the US with a broadband connection who would be willing to have a box sitting off in a corner somewhere that is left running 24x7. It doesn't need to be a high-powered server -- it can be an inexpensive micro-ATX/SFF system, or something cobbled together out of 10 year old junk box parts; you can even use a borrowed monitor, keyboard, and optical drive for setup (and remove them after OS installation).

The 10,000 foot view of the process:

1. Set up the server hardware and install Linux. Ubuntu would be a good choice if you're new to Linux; if you have prior Linux experience, just use your distro of choice.

2. Make sure the OpenSSH (Secure Shell) service is installed and running. Some distros install it by default; others (e.g. Ubuntu Desktop) do not, but installing it takes just a few mouse clicks (or CLI commands).

3. To ensure that the router/firewall the proxy is behind does not cause problems, configure the server for a static IP address, and make sure the firewall is configured to forward port 22 to the IP address you've assigned to the proxy box. (If the person hosting the proxy box for you uses SSH for other things, you may need to change the port number used by your box to something other than 22...)

4. Install a SSH client on your PC. The most widely used SSH client for Windows is PuTTY; it's free, and it works well. If you would also like to have Windows versions of the Linux command line tools, consider Cygwin instead; but if you are a Linux newbie I suggest sticking with PuTTY for the Windows side of things (PuTTY has a minimal learning curve, but Cygwin can be a bit daunting for the uninitiated).

That's basically it. The OpenSSH server includes a built-in SOCKS proxy; to use it, you log in to the proxy server using your SSH client, and tell the SSH client to use a local port (on your desktop) as a forwarded SOCKS proxy port. Then you configure your web browser to use the designated port on "localhost" as a SOCKS proxy.

Other miscellaneous issues...

Caveats -

I've done this sort of thing many times (for security reasons, it is how I usually do things when accessing the web while traveling), but I have not tried using a SOCKS proxy with Steam or audible.com. You would somehow need to verify that they both work through a proxy. Someone else here has probably used Steam and/or audible.com through a proxy at some point, hopefully they will chime in.

Your available bandwidth through the proxy will be limited to the smaller of the upstream or downstream bandwidth of the person hosting the proxy. If you use a ton of bandwidth, you may piss off the person hosting the box...

Security -

Traffic between you and the proxy is very secure. This is why I use this method while I'm on the road, especially if I'm connecting via unsecured WiFi. All traffic between you to the proxy (including the initial login sequence to set up the SOCKS tunnel) is encrypted. (But traffic between the proxy and the ultimate destination site is only encrypted if the destination is using https -- so the end-to-end security is only as good as the security of the proxy server's Internet connection.)

Just make sure you use a strong password (no dictionary words, and use some digits and punctuation) on the login you use to connect to the proxy. (Or set up an RSA key pair... but this starts to get a little more involved, especially if you haven't done it before.)

Dealing with dynamic IPs -

If the ISP on the server end does not assign static IPs, then the IP address of the proxy will occasionally change. If it is infrequent enough, you can just call/e-mail the person hosting it to get the new IP when it happens. If it changes a lot, you may want to set up a free dynamic DNS service like DynDNS.
Nostalgia isn't what it used to be.
 
Aphasia
Grand Gerbil Poohbah
Posts: 3710
Joined: Tue Jan 01, 2002 7:00 pm
Location: Solna/Sweden
Contact:

Re: Proxy needed?

Sat May 22, 2010 11:10 am

IIRC there are quite a few VPN alternatives that are rather easy to setup too. Zeroshell and OpenVPN client for a full VPN-solution, etc. That should definitely be able to work with Steam if not a socks-proxy does the trick. As long as you get the VPN to work properly, either IPSEC or SSL-based. Latency would probably be an issue for online gaming, but for downloads thats not that much of an issue. And DynDNS is really nice. Especially since many vpn/routers, etc have builtin support for it.

Who is online

Users browsing this forum: No registered users and 1 guest
GZIP: On