PDA

View Full Version : Softsqueeze and Remote Streaming



Tim Marino
2004-04-27, 10:00
Thanks for the clarifications.

Got putty and followed your instructions but I'm
getting a connection refused almost immediately. I'll
need to check things from the server side tonight.
Though it dies so quickly I have to wonder if port 22
is blocked by our webnazi. That will present another
obstacle. Is there a way to tunnel out on a common
port that would be open? All this just to have access
to my music.

--- "Roy M. Silvernail" <roy (AT) rant-central (DOT) com> wrote:
> On Tue, 2004-04-27 at 10:05, Tim Marino wrote:
>
> > Now for some further newbie questions.
> > ssh my.home.box -l me -L 9000:localhost:9000 -L
> > 3483:localhost:3483
> > - Is this command issued on the server or the
> local
> > machine? If local then I need ssh running on
> windows?
>
> Sorry to confuse you. You're running Windows, so you
> should go grab
> Putty from
> http://www.chiark.greenend.org.uk/~sgtatham/putty/.
> Once you
> get that installed on the local machine, you add
> your port forwards to
> the SSH/Tunnels dialog. Put '9000' in the Source
> Port edit box and
> 'localhost:9000'in Destination, then click 'Add'.
> Do the same for port
> 3483.
>
> > Roy says that he also adds forwarding for
> > -L 80:localhost:3128 which I presume forwards
> through
> > port 80 to get around the firewall at work. Would
> they
> > require any additional config on the server for
> port
> > 3128?
>
> I run a Squid web proxy on my home machine. The
> 3128 redirect lets me
> use that to surf the web instead of the company net
> connection, which
> has a transparent filtering proxy that disallows
> access to certain
> "unapproved" sites. Not that I want to surf pr0n at
> work, but some of
> the blocked sites are "colateral damage". This is
> not required for
> running SoftSqueeze over the tunnel.
>
> > Sorry for the questions. This doesn't seem that
> > complex but I need some help figuring out what
> goes
> > where. If I can get this working perhaps I can
> write
> > it up for inclusion with SS so that there is a
> > reference point in the future for the next new guy
> > that comes along.
>
> Great plan!
> --
> Roy M. Silvernail is roy (AT) rant-central (DOT) com, and
> you're not
> Never Forget: It's Only 1's and 0's!
> SpamAssassin->procmail->/dev/null->bliss
> http://www.rant-central.com
>
>

Roy M. Silvernail
2004-04-27, 10:51
On Tue, 2004-04-27 at 13:00, Tim Marino wrote:
> Thanks for the clarifications.
>
> Got putty and followed your instructions but I'm
> getting a connection refused almost immediately. I'll
> need to check things from the server side tonight.
> Though it dies so quickly I have to wonder if port 22
> is blocked by our webnazi. That will present another
> obstacle. Is there a way to tunnel out on a common
> port that would be open?

Try setting your SSH daemon to listen on port 80 (and, of course, set up
your firewall and/or router to pass port 80 in). Then set Putty up to
run SSH on port 80. I've been able to get through a number of
trtansparent web proxies that way.

> All this just to have access to my music.

Yes, but isn't it worth it? :)
--
Roy M. Silvernail is roy (AT) rant-central (DOT) com, and you're not
Never Forget: It's Only 1's and 0's!
SpamAssassin->procmail->/dev/null->bliss
http://www.rant-central.com

Pat Farrell
2004-04-27, 12:37
At 01:51 PM 4/27/2004, Roy M. Silvernail wrote:
>On Tue, 2004-04-27 at 13:00, Tim Marino wrote:
> > All this just to have access to my music.
>
>Yes, but isn't it worth it? :)

More importantly, all this is to securely access your music from insecure
places. To let you access the music and to keep the bad guys
out of your systems.

Ten years ago, we could just open up servers on the Internet.
Now, if you do that, it will be at least used for sending spam,
and could easily be a lot worse. So you have to install
security.

Probably, in five years or so, VPNs will be such an expected
part of Internet life that this will all be setup by default.

The reality of development is that the quick pace of
SlimServer progress and the needs of security of code
placed on an open Internet host are at conflict. Things like
Apache have to get really, really beat on. I'd rather have
SlimServer progress quickly, because at least 99% of the
users use it in a protected environment.

Once upon a time, the worry would be to keep the bad guys
out of your music. Now you have to keep them out
of your computer, period.


Pat