| Author |
Message |
Guest
|
 Posted:
Tue Jun 07, 2005 12:20 am Post subject:
Secure Tunnelling software from a usb drive? |
|
|
Hi,
I've spent a while looking for this - does anyone know of a program
that can provide ssh and socks5 tunnelling capabilities (for use with a
secure proxy) with port forwarding so that multiple programs can be
directed to it and it will forward these requests on to a set of
specified proxies (depending on whether ssh or socks5)?
Oh, and this software must run without install. :(
Any help would be fantastic.
Cheers,
ChampagneDP |
|
| Back to top |
|
 |
T. Sean Weintz
Guest
|
| Posted:
Thu Jun 09, 2005 11:35 pm Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
champagnedatepack@gmail.com wrote:
| Quote: | Hi,
I've spent a while looking for this - does anyone know of a program
that can provide ssh and socks5 tunnelling capabilities (for use with a
secure proxy) with port forwarding so that multiple programs can be
directed to it and it will forward these requests on to a set of
specified proxies (depending on whether ssh or socks5)?
Oh, and this software must run without install. :(
Any help would be fantastic.
Cheers,
ChampagneDP
|
So in effect you want a way to do ssh and socks5 tunnelling from a
machine that is locked down and won't allow ytou to run the windows
installer.
If you can't run install on the machine THERE IS A REASON FOR IT and I
for one ain't gonna help you circumvent it. |
|
| Back to top |
|
|
Guest
|
| Posted:
Fri Jun 10, 2005 4:20 pm Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
I understand your point - if a machine has installation restricted,
it's for a reason... but i'm not trying to install anything by force -
if that were the case I'd just be looking for cracks to attain
administrator privilege.
Instead, I'm looking for a program that, as you say, facilitates SSL
and SOCKS v5 tunneling (including port hiding) that runs without
registry read/writes and so needs no installations. Very different
kettle of fish.
Why? Well as you may know, Primedius offer a USB program that runs a
version of linux with firefox etc... installed, so that people on the
move can utilise public boxes without being monitored, for whatever
reason (the desire for privacy isn't always a bad thing). I was just
looking for the equivalent that doesnt require you to boot off a
removable drive, and which also doesnt tie you to primedius.
I hope I've cleared that up - any ideas would be great. Thanks. |
|
| Back to top |
|
|
T. Sean Weintz
Guest
|
| Posted:
Fri Jun 10, 2005 4:20 pm Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
champagnedatepack@gmail.com wrote:
| Quote: | I understand your point - if a machine has installation restricted,
it's for a reason... but i'm not trying to install anything by force -
if that were the case I'd just be looking for cracks to attain
administrator privilege.
Instead, I'm looking for a program that, as you say, facilitates SSL
and SOCKS v5 tunneling (including port hiding) that runs without
registry read/writes and so needs no installations. Very different
kettle of fish.
|
Um, no, thats exactly what I thought you meant.
| Quote: | Why? Well as you may know, Primedius offer a USB program that runs a
version of linux with firefox etc... installed, so that people on the
move can utilise public boxes without being monitored, for whatever
reason (the desire for privacy isn't always a bad thing).
|
The desire to circumvent authorized monitoring IS always a bad thing. If
someone wants to use anonymous proxies they should do it from their own
machine. This sort of thing should not happen without permission from
the owner of the machine. Period.
| Quote: | I was just
looking for the equivalent that doesnt require you to boot off a
removable drive, and which also doesnt tie you to primedius.
I hope I've cleared that up - any ideas would be great. Thanks.
|
I don't think such an animal exists. Closest I have seen would be the
later versions of HipCrimes news agent, which would run without install
and supported socks5 (as well as TLS), but only does NNTP. And it's been
mostly purged from the net - you can't get a copy of it easily nowadays. |
|
| Back to top |
|
|
Robert Redelmeier
Guest
|
| Posted:
Fri Jun 10, 2005 9:33 pm Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
T. Sean Weintz <strap@hanh-ct.org> wrote:
| Quote: | The desire to circumvent authorized monitoring IS always
a bad thing.
|
Perhaps. But what constitutes "authorized"? Email
snooping? And a desire to circumvent UNauthorized
monitoring IS always a good thing.
| Quote: | If someone wants to use anonymous proxies they should
do it from their own machine.
|
Everything not expressly allowed is presumed forbidden?
Perhaps in Germany but not in America. If an owner
doesn't want others to use anonymous proxies, can't
they just route them to 127.0.0.1?
| Quote: | This sort of thing should not happen without permission
from the owner of the machine. Period.
|
Why? What legitimate owner's interest is being protected?
What requires machine-level monitoring rather than
firewall/gateway monitoring?
On one level, a cybercafe owner or employer has certain rights.
But the user also has certain privacy rights [inalienable
in the EU] that the machine owner simply may not be able
to provide. Maybe then the machine should not be used.
But maybe a smart owner would allow non-damaging use?
-- Robert in Houston |
|
| Back to top |
|
|
Henning Wangerin
Guest
|
| Posted:
Sat Jun 11, 2005 12:09 am Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
On Mon, 06 Jun 2005 16:37:09 -0700, champagnedatepack wrote:
| Quote: | Hi,
I've spent a while looking for this - does anyone know of a program that
can provide ssh and socks5 tunnelling capabilities (for use with a secure
|
ssh: yes
socks5: no
Go to google for "putty ssh", and find a nice litte ssh/telnet client. No
problem running it from any maschine
| Quote: | proxy) with port forwarding so that multiple programs can be directed to
it and it will forward these requests on to a set of specified proxies
(depending on whether ssh or socks5)?
Oh, and this software must run without install. :(
|
No problem - no install. Only the fingeprint of the targeting server is
saver on the local machine. |
|
| Back to top |
|
|
T. Sean Weintz
Guest
|
| Posted:
Sat Jun 11, 2005 12:20 am Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
Robert Redelmeier wrote:
| Quote: | T. Sean Weintz <strap@hanh-ct.org> wrote:
The desire to circumvent authorized monitoring IS always
a bad thing.
Perhaps. But what constitutes "authorized"? Email
snooping? And a desire to circumvent UNauthorized
monitoring IS always a good thing.
|
Yes, of course. But this guy explicitly stated he wants something he can
run on public machines (I assume library or cybercafe, maybe school?)
computers without having to do an install. Either the machine is locked
and odesn't allow installs, or he simply does not want to leave evidence
that he was running the program on the PC - either of which would seem
to indicate he is doing something he should not be doing.
BTW, email snooping is not neccessarily a bad thing. And of course on an
employers machine one has no right to expect that it won't be snooped.
And in fact for public companies, Sarbanes-Oxley REQUIRES them to keep
an unaltered arcvhive of every email you send or recieve at your job.
| Quote: |
If someone wants to use anonymous proxies they should
do it from their own machine.
Everything not expressly allowed is presumed forbidden?
Perhaps in Germany but not in America. If an owner
doesn't want others to use anonymous proxies, can't
they just route them to 127.0.0.1?
|
With private property, I'd say yes. Even in the USA. If I loan someone
my car to drive to the store, and they drive accross country instead,
you can sure as hell bet they will be arrested for car theft. Even if I
didn't specifically tell them not to drive cross country in it.
But it seems that in this case, software installation it WAS expressly
forbidden - he wants something that will run without an install. Why?
Either installs are disabled, meaning the owner does not want software
other than what is on the machine run, or this guy wants to hide the
fact he ran the software on the box, which implies he knows the owner
doesn't want him doing it.
| Quote: |
This sort of thing should not happen without permission
from the owner of the machine. Period.
Why? What legitimate owner's interest is being protected?
What requires machine-level monitoring rather than
firewall/gateway monitoring?
|
The legitimate owner interest being protected is the simple right to
decide what their machine is used for!
| Quote: |
On one level, a cybercafe owner or employer has certain rights.
But the user also has certain privacy rights [inalienable
in the EU] that the machine owner simply may not be able
to provide. Maybe then the machine should not be used.
But maybe a smart owner would allow non-damaging use?
-- Robert in Houston
|
|
|
| Back to top |
|
|
Robert Redelmeier
Guest
|
| Posted:
Sat Jun 11, 2005 5:30 am Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
T. Sean Weintz <strap@hanh-ct.org> wrote:
| Quote: | Either the machine is locked and odesn't allow installs,
or he simply does not want to leave evidence that he was
running the program on the PC - either of which would seem
to indicate he is doing something he should not be doing.
|
Ah, but the usual reason for locking machines is to
reduce maintenance on fragile MS-Windows systems. And to
facilitate recovery by data-free reimaging.
To answer part of the OP's question, s/he could put Simon
Tatham's `putty.exe` on a USB stick. I really cannot see
what harm running it (a terminal emulator) would cause.
| Quote: | BTW, email snooping is not neccessarily a bad thing. And of
course on an employers machine one has no right to expect
that it won't be snooped.
|
I do not believe this is true in the EU, where email
privacy is supposed to be guaranteed.
| Quote: | And in fact for public companies, Sarbanes-Oxley REQUIRES
them to keep an unaltered arcvhive of every email you send
or recieve at your job.
|
IANAL SOx requires no such thing. It requires that any
public-trading relevant emails be retained for specified
periods. Some lazy companies implement it by archiving
everything. Dangerous for later discovery. My divisiion has
been told that we are not material for SOx purposes, but need
to retain anything that might be ourselves. Some companies
may also run afoul of EU privacy law if they retain/archive
emails of EU residents that are not from US employees.
| Quote: | Even in the USA. If I loan someone my car to drive to the
store, and they drive accross country instead, you can sure
as hell bet they will be arrested for car theft. Even if
|
Not in the USA. Theft is the taking without authorization.
Keep overlong or unauthorized use are very different offenses,
if they exist at all. Some states have recently had to
add laws to cover car renters who kept the cars past due.
-- Robert |
|
| Back to top |
|
|
glen herrmannsfeldt
Guest
|
| Posted:
Sun Jun 12, 2005 12:20 am Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
T. Sean Weintz wrote:
(snip)
| Quote: | Yes, of course. But this guy explicitly stated he wants something he can
run on public machines (I assume library or cybercafe, maybe school?)
computers without having to do an install. Either the machine is locked
and odesn't allow installs, or he simply does not want to leave evidence
that he was running the program on the PC - either of which would seem
to indicate he is doing something he should not be doing.
|
Most unix software can be installed by a user in the users own
directory without root access. Most windows software, even if it
doesn't do anything that needs privilege, needs Administrator
access to install. There is no reason it needs to be that way
as far as security goes, but that is the way it is.
-- glen |
|
| Back to top |
|
|
T. Sean Weintz
Guest
|
| Posted:
Mon Jun 13, 2005 4:20 pm Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
Robert Redelmeier wrote:
| Quote: |
Not in the USA. Theft is the taking without authorization.
Keep overlong or unauthorized use are very different offenses,
if they exist at all. Some states have recently had to
add laws to cover car renters who kept the cars past due.
-- Robert
|
Interesting. However I do know someone who was arrested for car theft
once when doing exactly what I described - borrowing it to go to the
store and deciding to drive to virginia instead. |
|
| Back to top |
|
|
T. Sean Weintz
Guest
|
| Posted:
Mon Jun 13, 2005 4:20 pm Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
Robert Redelmeier wrote:
| Quote: | To answer part of the OP's question, s/he could put Simon
Tatham's `putty.exe` on a USB stick. I really cannot see
what harm running it (a terminal emulator) would cause.
|
No harm. But that does not seem to be what the original poster was
looking for. he/she seemed to want something more along the lines of
what sockschain does, but without the need to do an install. The OP
specifically said they were looking for something that other
applications will plug into. I took that to mean something "sockscap" like. |
|
| Back to top |
|
|
Rich Seifert
Guest
|
| Posted:
Mon Jun 13, 2005 10:36 pm Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
In article <11arbo9rasj5t69@news.supernews.com>,
"T. Sean Weintz" <strap@hanh-ct.org> wrote:
| Quote: | Robert Redelmeier wrote:
Not in the USA. Theft is the taking without authorization.
|
Most American criminal law is *state* law, not federal. What constitutes
theft is generally determined from a state-by-state statutory
definition.
For example, the common-law definition of theft is the unlawful taking
of personal property *with the intent to permanently deprive* its
rightful owner. However, in California, there is no such "specific
intent" requirement, and one can be guilty of theft if they "feloniously
steal, take, carry, lead, or drive away the personal property of another
.... ."
Cal. Penal Code § 484 (West 2005).
(I am not a lawyer; I *am* a law student in my last year of study.)
| Quote: | Keep overlong or unauthorized use are very different offenses,
if they exist at all. Some states have recently had to
add laws to cover car renters who kept the cars past due.
|
California, being a land of cars and car rentals, enacted such a law in
1959 (more than 45 years ago), and it has not been amended since!
"Whenever any person who has leased or rented a vehicle wilfully and
intentionally fails to return the vehicle to its owner within five days
after the lease or rental agreement has expired, that person shall be
presumed to have embezzled the vehicle."
Cal. Veh. Code § 10855 (West 2005).
The presumption affects the burden of evidence. That is, if you keep
your rental car more than five days after you were supposed to return
it, the law presumes that you have embezzled (stolen) it, and the burden
shifts to you to show that you had a legally valid reason to keep
possession beyond the rental contract terms.
| Quote: |
Interesting. However I do know someone who was arrested for car theft
once when doing exactly what I described - borrowing it to go to the
store and deciding to drive to virginia instead.
|
The law may be different in that state, or the offense might have
involved a federal statute, having crossed state lines with the car.
--
Rich Seifert Networks and Communications Consulting
21885 Bear Creek Way
(408) 395-5700 Los Gatos, CA 95033
(408) 228-0803 FAX
Send replies to: usenet at richseifert dot com |
|
| Back to top |
|
|
J. Clarke
Guest
|
| Posted:
Mon Jun 13, 2005 11:07 pm Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
Robert Redelmeier wrote:
| Quote: | T. Sean Weintz <strap@hanh-ct.org> wrote:
Either the machine is locked and odesn't allow installs,
or he simply does not want to leave evidence that he was
running the program on the PC - either of which would seem
to indicate he is doing something he should not be doing.
Ah, but the usual reason for locking machines is to
reduce maintenance on fragile MS-Windows systems.
|
Well, actually the usual reason is to keep users from writing into the
system area. This effectively prevents software installation because
software developers insist on writing to the system areas even when they
have no legitimate need to do so. If you are installing an application on
a default-configured XP or Server 2K3 system from a nonprivileged account,
and it won't install, think very hard about whether you want to let that
developer make changes to the system files before you log in as
administrator to install.
Unix systems are locked down in the same manner for the same reason, however
Unix has had that security model from the start and so the developers have
learned the hard way that there are things that their user applications
will not be allowed to do, and so application installation is not a
problem.
| Quote: | And to
facilitate recovery by data-free reimaging.
To answer part of the OP's question, s/he could put Simon
Tatham's `putty.exe` on a USB stick. I really cannot see
what harm running it (a terminal emulator) would cause.
BTW, email snooping is not neccessarily a bad thing. And of
course on an employers machine one has no right to expect
that it won't be snooped.
I do not believe this is true in the EU, where email
privacy is supposed to be guaranteed.
|
I'm curious as to the specific legislation--I haven't been able to find
anything that says that employers in the EU cannot monitor their employees
mail--I have found some references to specific legislation in specific
member countries but nothing that would apply to the EU as a whole.
I'm not disputing you, I would just like to read the legislation.
| Quote: | And in fact for public companies, Sarbanes-Oxley REQUIRES
them to keep an unaltered arcvhive of every email you send
or recieve at your job.
IANAL SOx requires no such thing. It requires that any
public-trading relevant emails be retained for specified
periods. Some lazy companies implement it by archiving
everything. Dangerous for later discovery. My divisiion has
been told that we are not material for SOx purposes, but need
to retain anything that might be ourselves. Some companies
may also run afoul of EU privacy law if they retain/archive
emails of EU residents that are not from US employees.
Even in the USA. If I loan someone my car to drive to the
store, and they drive accross country instead, you can sure
as hell bet they will be arrested for car theft. Even if
Not in the USA. Theft is the taking without authorization.
Keep overlong or unauthorized use are very different offenses,
if they exist at all. Some states have recently had to
add laws to cover car renters who kept the cars past due.
-- Robert
|
--
--John
to email, dial "usenet" and validate
(was jclarke at eye bee em dot net) |
|
| Back to top |
|
|
Robert Redelmeier
Guest
|
| Posted:
Mon Jun 13, 2005 11:56 pm Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
T. Sean Weintz <strap@hanh-ct.org> wrote:
| Quote: | No harm. But that does not seem to be what the original
poster was looking for. he/she seemed to want something
more along the lines of what sockschain does, but without
the need to do an install. The OP specifically said they
were looking for something that other applications will
plug into. I took that to mean something "sockscap" like.
|
Well, humph! I'm not entirely sure what this `sockschain`
does but why would it need an install if the system can read
removable media and run executables from there. A "locked-down"
system might easily be configured this way. Or not, at the
administrators discretion.
Without a "no outside executables" clause in the TOS, I'd
assume a system configured to execute from removable media
also allowed such execution. And a no-exec TOS clause is
unenforceable: What about Javascript that many sites use?
I'm pretty sure a `putty.exe` limited clone could be written
in JS and dropped on some website. Maybe even `sockschain`
There really is nothing special about "Installs" beyond loading
executables and mapping libs & other files. With CoW VM systems,
the media cannot be removed until the process is done.
Of course proxying opens up a whole can of worms. I would
hope no MS-WindowsNT+ system would allow non-Administrator
processes to listen on priviliged ports (<1000). And anyone
hitting non-priviliged ports cannot count on security.
sockschain seems to use 1080 or maybe 8080. There might be some
nefarious ways a black-hat cybercafe user might [further] corrupt
MS-IE to get all users HTTP traffic relayed through their machine.
Nasty, but the crime is not in what their [rented] machine is doing,
but in their sending instructions that accessed others machines.
Not that law enforcement is likely to understand the distinction.
They'd probably say "Spying is RONG unless we're doing it".
-- Robert |
|
| Back to top |
|
|
Robert Redelmeier
Guest
|
| Posted:
Tue Jun 14, 2005 12:20 am Post subject:
Re: Secure Tunnelling software from a usb drive? |
|
|
T. Sean Weintz <strap@hanh-ct.org> wrote:
| Quote: | MS Windows still has the philosophy of the user being
"Administrator" when this is provably dangerous.
Not true.
|
Sure it is.
| Quote: | these days the default on windows XP machines in a domain
is to have users have no write access to the c:\windows dir,
as well as the machine hive of the registry.
|
Ah, but that only applies when machines are setup as multi-user.
Most consumer machines are set up with one user "Owner"
who also has Administrator access. As usual, MS has chosen
technically inferior but economically superior [for them] defaults.
They reduce tech support calls from "can't do this" at a cost in
"my system has a virus" which they don't handle.
| Quote: | Unfortunately most lower end and niche market software
vendors can't seem to understand this concept. They act
amazed when their install crash on a default setup.
|
Yes. But the increase in unwriteable c:\windows might
cause them to fix their bugfests.
-- Robert |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in