Create Secure Connection Using SSH and Putty to Prevent Sidejacking
About 2 weeks ago I write about Simple Sidejacking Using Firesheep, and then a few week after that tools reveal, there’s another application called Blacksheep to prevent the Firesheep attack.
When you using Blacksheep, there will be a pop-up appear when someone in your network using the Firesheep, and I think it’s a little annoying because you can do nothing when you know that someone there is watching you and waiting your packet data across the network.
Maybe you can try to create tunneling by using port 22 (Secure Shell). Below I will write the step by step how to tunneling using SSH.
This is my IP Address before tunneling process.
1. You should have an SSH server(googling it), usually when you have web hosting, there’s an optional feature to enable SSH remoting.
2. Download Putty, and then configure it like in the picture below.
3. After you connected to the SSH server, input your username and password.
4. After you successfully log in, leave the SSH Window opened.
5. The next step you should do is configure your browser to communicate using SOCKS. I’m using Mozilla in this case.
6. Open Mozilla Firefox Browser, Click Tools –> Options –> Advanced –> Network –> Settings.
7. Follow the instruction below to configure Firefox to connect through SSH.
Just finish all of the configuration, let’s check our IP address now using http://whatismyipaddress.com. Here’s my IP address now looks like.
Using SSH it’s another way to prevent the local area network eavesdropping or session sidejacking, but our packet data still can be sniffed at the server side(SSH server) because when you use SSH, the topology like this :
One thing you can do to minimize attack is don’t use the “remember me” because it will store and make your session ID become static. Hope this post useful for you 
Incoming search terms:
- putty backtrack 5
- backtrack 5 ssh
- putty conect tutorial
- can putty use secure connections
- connect to server ssh windows
- how to prevent sidejacking
- secure connection to my office
- sidejacking over wan
- tunneling backtrack 5
Written by Vishnu Valentino.
Founder of hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com
See all posts by v4L || Visit Website : http://www.vishnuvalentino.com
Popular Posts
16 Responsesto “Create Secure Connection Using SSH and Putty to Prevent Sidejacking”
Trackbacks/Pingbacks
- Firesheep HTTP Session Hijacking Tools | Vishnu Valentino - [...] 2. You can tunnel your internet connection, [...]
- Break SSL Protection Using SSLStrip and Backtrack 5 | Vishnu Valentino Hacking Tutorial, Tips and Trick - [...] 2. Use SSH Tunneling (You can see the tutorial here). [...]
- Firesheep Session Sidejacking (Mozilla Firefox Extension) | Try n Error - [...] bisa dilihat disini gan http://www.hacking-tutorial.com/computer/...for-firesheep/ 3. Anda bisa gunakan SSH(Secure Shell) tunneling, cuman ini agak beribet dan lumayan nambah ...
- Hacking Windows 7 SP1 via Wireshark Using Metasploit + Backtrack 5 R1 | Vishnu Valentino Hacking Tutorial, Tips and Trick - [...] Use tunneling or encryption to protect your [...]
Leave a Reply
Links
Get Updates via Networkedblogs
Mantaap Tutorialnya mas, ijin copy ilmunya ya….
#analogi
boleh bro…kalo copy jangan lupa backlink ke sini ya
can u gave me a list of ssh server that are good…
i want free n fast ssh server acc…
hope u can help me…
#puppet
Actually if there’s free SSH server it won’t last long…and also if it’s free SSH server 95% didn’t allow packet redirecting..
you should buy your own a hosting or VPS or Cloud or something like that and check are they allowing packet redirection or not.
for free shells, you can check here also (but I didn’t know it works or not http://shells.red-pill.eu/)
how about shellmix.com???
have you try it?
#puppet
I haven’t try it..maybe others can give a try and report? but usually free ssh frequently down or have frequent problem with the connection
yup…
i have tires it last two day…
1st tym i try…i was enable to tunnel the connection…
but the next day…
i got an error: proxy server is refusing connection…
what are the possiblities???
it the webserver down or what???
if dat so,why i can connect trought the webserver(shellmix.com:ssh connetion) using putty???
thanks a lot it's very useful!!
#dikien
you’re welcome
When I use kpym.com on putty it says: login as: password: what i should put there?
I need that information because my f*ck brother are stealing my password when i enter on a HTTPS website like hotmail, he do that on the wifi… someone can help me?
#Daniel
1st you should have SSH server, so you will know what the username and your password of your SSH server.
Soooo, How can I have SSH server? Can you help me? Where I need to be registered?
#Daniel
you can ask to your ISP how to buy hosting with SSH server support…also you should ask to your provider are their server supported packet forwarding or not….
Thanks by answering. I haven't any idea what are you saying…. :S I'm a beginner…..
I already use this method using a server in my office network.
However, my SSH-Server is connected through the office Gateway.
Is it possible for the Gateway to sniff the packet from SSH-Server to the World?
If so, how can I protect the packet being sniffed from the Gateway?
Thanks!
#bonn
yes it’s very possible gateway sniff your packet…
you can encrypt your connection using SSH and tunnel it http://www.hacking-tutorial.com/computer-security/create-secure-connection-using-ssh-and-putty-to-prevent-sidejacking/
if you don’t have, just pray they’re not interesting to see your packet