Setting Up a Proxy to Protect Your Public IP (An Introduction to Proxies)

I recently purchased a static IP address. While this is great for setting up VPNs, websites, and other major benefits it bothered me that I normally visit CTFs and sites that contain malicious code to accomplish these CTF challenges. There had to be a way I could better protect my public IP from direct exposure in the event I did something stupid while surfing the web. This is where a proxies come into play.

A proxy is exactly the same thing meant in the English language; think if computer A who set up the proxy wants to talk to computer C. An intermediary could be introduced (Proxy Server B) so that when computer C talks to computer A it has to go through Proxy Server B. Thus Computer C thinks its talking to Proxy Server B and only sees that IP address; when in reality all traffic is getting forwarded to computer A and vise versa.


This creates a layer of abstraction. There are many types of proxies such as reverse proxies which is used mainly for public facing web sites. We are strictly using our proxy as an anonymous proxy in that it will allow us to surf the web anonymously. There are ways to compromise proxies, set them up to be used as part of a proxy chain, and other uses for them but those topics will be out of scope for today. Lets focus on setting up a proxy on AWS before deep diving into those topics.

To begin lets log into the AWS Management Console to set up our free proxy. Registering for AWS is free and simple, navigate to:

Then sign up for an account to follow along. 

Once you are logged into the AWS console, select the "Launch a virtual machine With EC2" under the "Build a solution" section. Click the Ubuntu operating system. From here you could just click the "Launch Instance" button but let's create a key pair so that we may ssh into our box as designated by (1) in the image below.
Give your key pair a relevant name and click the "Create new key pair" button. You'll be prompted with a screen; in our case we are going to use PuTTY to login but you can set up your ssh anyway as desired. Selecting RSA as the pair type and .ppk for the key file format will accomplish what's needed to ssh into the AWS Ubuntu box. Save this key pair to a safe location and do not lose it. Now the "Launch Instance" button can be clicked.

You should now be brought to the Instances console. Note your "Public IPv4 DNS" as it will be necessary to set up ssh in PuTTY. Download PuTTY for your desired OS and follow the install instructions. Once this is done, launch PuTTY and enter the following under the Session categories' "Host Name (or IP address)":
ubuntu@<Public IPv4 DNS>

The port should default to 22. Under the Connection category in PuTTY expand SSH and select Auth. Above the Open button there should be a Browse button; browse to your saved .ppk file and select it. Click the Open button and you will ssh into your ubuntu box on AWS.

Run the following commands:
sudo apt update && sudo apt upgrade
sudo apt install tinyproxy

This will install the latest tinyproxy server on your ubuntu machine. It's now time to configure your new proxy to accept your static public ip address. Note if you don't have a static public IP you will want to set up DDNS or watch for your public IP address to change and thus update the proxy server config file. Run the following command:
sudo nano /etc/tinyproxy/tinyproxy.conf

If desired you can change the default Port from 8888; scroll down to the text "Allow 127.0.0.1" and enter this line:
Allow <your public IPv4>

Hint, if you want to find your public IP in Linux you may run "curl ifconfig.co". Save and exit the nano (or preferred) editor and restart the tinyproxy daemon (service for you windows users):
sudo /etc/init.d/tinyproxy restart

Okay great, we now have a proxy. But we are not quite done yet; we need to add a firewall exception on AWS. To do that, under the "Network & Security" category click "Security Groups". Click the "Create Security Groups" button in the upper right and enter in your security group name. I'd recommend creating a security group dedicated to proxies. Add the following inbound rule to this security group:


Where Port range is whatever port that the tinyproxy daemon is listening on. Then navigate back to your instances console, right-click on your instance and select Security >> change security groups. Add the security group you created above.

Excellent! We now have a proxy. To test you can go to any browser and set the proxy setting to use the AWS Instance's "Public IPv4 address". When searching "What's my ip" in google your Proxy's public IPv4 address should show. It's that simple and now you can surf the web and have peace of mind that your Public IP is protected.


Comments

Post a Comment

Popular posts from this blog

Covering Your Tracks

The ability to remain stealth during a penetration exercise is what separates a sophisticated hacker from a script kitty. The phrase “The Quieter You Become, The More You Are Able to Hear” holds true, especially in the field of hacking. Being able to perform Ani-forensics and avoid detection is critical to the success of hacking and penetration testing and understanding these methods is beneficial, even for white hat hackers, as there will be times in a penetration where the system is already compromised. In such cases, understanding what the attacker is doing in order to cover their tracks can help determine the sophistication of the attack or bring prosecution to the attacker. All hacks begin with system enumeration and nmap is one of the best tools to use during this discovery phase. However, as I explained in Scanning With nmap blog, port scanning a bunch of IP Addresses or every port on a target system is noisy and can cause denial of service conditions (very bad if you are
Read more

Covering Your Tracks - Anti-forensics for the Cloud - Introduction

Image
Before delving into cloud forensics there are some concepts that need to be explained. The cloud consisted of two entities, provider (companies that host cloud technologies) and tenants (companies that use cloud technologies from the providers). The cloud generally consists of three service models:  Infrastructure-as-a-Service (IaaS) where the provider provides the hardware and network. Platform-as-a-Service (PaaS) where the provider provides all the components to a tenant's application. Software-as-a-Service (SaaS) where the provider supplies the software and the components to run it and the tenant uses and at most configures the application. Chris Brenton gives a great overview of the cloud and the challenges it poses in the link below: https://www.sans.org/blog/pen-testing-in-the-cloud/ Surprisingly there is not a lot of coverage out on the web for cloud forensics and this makes sense. Cloud forensics analysts, especially for tenants, may be somewhat limited on acc
Read more

Cross-Site Scripting (XSS) Introduction

Image
  Cross-Site Scripting (XSS) Introduction Note** The following examples utilize Web for Penetration Testers which I do not own any rights to. These examples provide solutions to the live image of Web for Pentester 1 which can be downloaded at https://pentesterlab.com/exercises/web_for_pentester/course . Please attempt these exercises on your own before reviewing my solutions to gain maximum benefit.   Introduction XSS is an often-overlooked vulnerability. The generic “Hello World” example of XSS (e.g. <script>alert(“XSS”);</script>) is an overly benign example. Once an XSS vulnerability is discovered it becomes possible for attackers to modify the webpage to re-direct users to malicious site, steal a user’s session or cookie, or bypass a log in. Because XSS is such a huge topic, a series will be developed with exploitations to follow. For this blog article, XSS detection will be focused on. Eventually this series will cover JSON, XML, XPath, JQuery, and other typ
Read more