|
Hi!
Could you help me? Here is the log I'm getting:
Logging : On
---------------------------------------
SOCKS Proxy Port : 1080
---------------------------------------
SOCKS Server Created.
SOCKS Server Started.
SOCKS Server Listen at Port : 1080
Connection from : <127.0.0.1/127.0.0.1:2112>
Proxy Created.
Proxy Started.
Accepted SOCKS 4 Request.
Accepted SOCKS 4 Command: "CONNECT"
Connecting...
Connected to <isaserver 10.26.2.101:1080="">
Connected to <isaserver 10.26.2.101:1080="">
Socks 4 reply: "Request GRANTED"
Initiating SSL Tunneling...
SHTTP Proxy Reply : [[NNECT]
ERROR : java.lang.Exception: Error Response from SHTTP Proxy !
java.lang.Exception: Error Response from SHTTP Proxy !
at socksshttp.CProxy.CreateSSLTunnel(CProxy.java:390)
at socksshttp.CProxy.ProcessRelay(CProxy.java:317)
at socksshttp.CProxy.run(CProxy.java:147)
at java.lang.Thread.run(Thread.java:484)
Proxy Closed.
|
|
|
|
|
Hi,
The problem is in your HTTP proxy.
SSH Proxy connects successfully to your HTTP proxy and sends command "CONNECT".
But your HTTP proxy returns response code different than "200" which means "OK".
So, SSH Proxy displays:
SHTTP Proxy Reply : [[NNECT]
ERROR : java.lang.Exception: Error Response from SHTTP Proxy !
Probably your HTTP proxy does not support command CONNECT (SSL tunneling), or
you does not have properly rights to use it.
Note that SSH Proxy displays java stack trace just to help me to resolve your problems.
SSH Proxy handles all possible errors.
|
|
|
|
|
I tried this utility with Kazaa, but it seems to be some problem. The log is long, so you can see it there
http://www.sweb.cz/jirinej/log.txt
|
|
|
|
|
... how do I launch sshproxy.class??
when I type in: jview sshproxy.class
I got this error message:
java.lang.NoClassDefFoundError: socksshttp/Log
please help... cheers
|
|
|
|
|
Hi,
You are using unzipping tool that does not unzip subfolders.
You must unzip all files and subdirectories from SSHProxy.zip
you must have subdir "sockshttp" which contains some java classes
Best regards
Svetoslav Chekanov
|
|
|
|
|
I'm trying to use this SSH proxy with TCP via SHTTP mode but i cant get it working.
I can access the internet at my company only via http proxy port 80 (Netscape-Proxy/3.51 with is supposed to allow TCP connections via HTTP-SSL tunnels). My goal is to acces a terminal server at home. I tried to launch a 'socksified' TSE client via sockscap but im getting this :
<br />
SOCKS Server Created.<br />
SOCKS Server Started.<br />
SOCKS Server Listen at Port : 1080<br />
Connection from : <127.0.0.1/127.0.0.1:4816><br />
Proxy Created.<br />
Proxy Started.<br />
Accepted SOCKS 5 Request.<br />
SOCKS 5 - Accepts Auth. method 'NO_AUTH'<br />
SOCKS 5 - Accepted SOCKS5 Command: "CONNECT"<br />
Connecting...<br />
Connected to <prox:80><br />
Connected to <prox:80><br />
SOCKS 5 - Reply to Client "SUCCESS"<br />
Initiating SSL Tunneling...<br />
SHTTP Proxy Reply : [HTTP/1.0 403 Proxy denies fulfilling the request<br />
Proxy-agent: Netscape-Proxy/3.51<br />
Date: Fri, 30 May 2003 19:36:34 GMT<br />
Content-type: text/html<br />
Content-length: 234]<br />
ERROR : java.lang.Exception: Error Response from SHTTP Proxy !<br />
java.lang.Exception: Error Response from SHTTP Proxy !<br />
at socksshttp.CProxy.CreateSSLTunnel(CProxy.java:390)<br />
at socksshttp.CProxy.ProcessRelay(CProxy.java:317)<br />
at socksshttp.CProxy.run(CProxy.java:147)<br />
at java.lang.Thread.run(Unknown Source)<br />
Proxy Closed.
any ideas ?
|
|
|
|
|
Hi,
All is clear. The schema you are trying is right.
Unfortunaltely your proxy *denies* access.
Look at the log file:
1. You are connected to the SOCKS 5 proxy (SSH Proxy)
2. Authentication of SOCKS Proxy is OK
3. You are sending the CONNECT comand
4. SSH Proxy tries to connect to the server
5. HTTP Proxy returns error code 403 with message "Proxy denies fulfilling the request."
So, the problem is that the proxy denies access through HTTP-Tunneling.
(command "CONNECT" is denied)
You say that proxy allows SSL connections. It is possible that the proxy have a
some kind of "smart behavior" - enabling some requests for command "CONNECT" and disable other requests.
It's possible to disable tunneling when the target is on port 23 (telnet service)
Try to use such schema to access services that are on port 6667, 25, 110 (IRC, SMTP, POP3) etc.
So if schema works for one of these ports - you will be able to set up somewhere in
the Internet a TCP-Map proxy that will point to your server at port 23.
So your connection will looks like this:
Client -> socksCAP -> SSHProxy -> HTTP-Proxy tunnel -> TCP-Map -> Your Server
If you have experiencing problems with setting up a TCP-Map proxy - please call me.
Best regards
Svetoslav Chekanov
D-Bross
http://www.d-bross.com/
|
|
|
|
|
Hai,
I just went through your Socks proxy and it is very much interesting. I would like to know whether your have actually implemented HTTP-SSl Tunnel in the proxy.
Thanking you in advance
Sony
|
|
|
|
|
My proxy requires authentication. Help!!
|
|
|
|
|
Is the program allowing authentication?
|
|
|
|
|
How obvious is it to a network administrator that I'm using a p2p program through their precious proxy? I have a slight concern that they might not be 100% pleased. Is there anything i can do about this?
By the way excellent program works like a treat with Kazaa lite.
|
|
|
|
|
Hi,
It depends on admin's skills, laziness, and verminness...
The sys admins read the summary statistics for traffic activity.
These statistics can say to him "Spunky Monkey makes many many traffic to these site..."
If the sys admin is enough smart - and the programs you are using uses a static server (like old Napster), or to specified port you will be catched...
If for example Kazaa server listens on port 2560 ... and sysadmin knows that... and He looks at the statistics that for last week you made huge traffic with ip x.x.x.x:2560
The sysadmin will know that you are using Kazaa.
The sysadmins hates Kazaa like apps because two reasons:
1. They generates much traffic
2. They are used for pirated music distribution.
Best regards
Svetoslav Chekanov
D-Bross
|
|
|
|
|
How can I configure the config.txt to use software like file-sharing?
What is the complete configuration?
Thanks
|
|
|
|
|
I am using my univeristy's ISP and they are blocking Kazaa, IRC, and other file-sharing networks like Emule/Edonkey.
I was wondering if this is the program for me? If I run this on my machine, which is connected via dial-up will I be able to use Kazaa and IRC?
If so, how would I set it up?
In the config file
# S S H - P R O X Y
# Copyright (c) 2000 D-Bross
# written by Svetoslav Chekanov (sv_cehkanov@d-bross.com)
#
# Free for non-commercial use
#-------------------------------
EnableLog=yes
#-------------------------------
SOCKSPort=8888
#-------------------------------
UseSHttpProxy=No
SHttpProxyHost=
SHttpProxyPort=
What would I put as the values? Do I need to enable SHttpProxyHost? Do I need to run this on a machine that isn't on my University's network? How would I setup Kazaa and Mirc to use it?
Thanks, I know I have a lot of questions.
|
|
|
|
|
Hi,
I will give the example with mIRC, because I know it.
If you have the environment:
HTTP Proxy: 192.168.0.1 on port 8080
Your Computer: 192.168.0.25
EnableLog=yes<br />
#-------------------------------<br />
SOCKSPort=8888<br />
#-------------------------------<br />
UseSHttpProxy=Yes<br />
SHttpProxyHost=192.168.0.1<br />
SHttpProxyPort=8080
So now run SSH Proxy on your machine (enter "java SSHProxy").
Now you will see some text - the log.
Start mIRC
set-up mIRC:
Use SOCKS Firewal - yes<br />
SOCKS 5 - yes<br />
Firewall Hostname - 102.168.0.25 (you IP address)<br />
Firewall Port - 8888 (SSH Proxy)
Now Hit mIRC button CONNECT and begin the chat...
That's all folks.
|
|
|
|
|
I want to set up a dynamic ssh-tunnel, i.e., the type of tunnel you set up with the -D switch (*). I am not sure if this program offers this functionality, does it?
Background: At my office I have to use a http-proxy to connect to internet. However, I want to set up dynamic tunnel through this proxy so I can use services on ports that are blocked by the firewall.
To do this I need something that supports SSH, dynamic tunnels and http-proxies.
* -D port
Specifies a local ``dynamic'' application-level port forwarding. This works by allocating a socket to listen to port on the local side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. currently the SOCKS4 protocol is supported, and ssh will act as a SOCKS4 server. Only root can forward privileged ports. Dynamic port forwardings can also be specified in the configuration file.
|
|
|
|
|
This article is the right solution for your problem.
The main goal of my SSH Proxy is to enable people that have access only to HTTP Proxy - to use other internet applications such as IRC, Mail, ICQ, GetRight and etc.
So - read carefully the description of SSH Proxy and enjoy.
best regards
Svetoslav Chekanov
P.S. Don't forget to rate this article with highest number !!!
and visit www.d-bross.com
|
|
|
|
|
I have a question need a solution. the question as following:
In my proxy server, it's only Http protocol and Socks4/Socks5 is available, but I need to develop a program that use the Smtp protocol or other protocols except for Http and Socks4/Socks5 protocol in my client, such as sent mail. Is it feasible? if yes, how to accomplish the connection? can you give me a comment about this?
Wally
|
|
|
|
|
Hi,
The easiest way to make a connection through proxy is to use HTTP Proxy.
Most of HTTP Proxies supports command "CONNECT" which makes a tunnel to the destination.
When this tunnel is established - the communication is like you are connected directly.
Unfortunately the command CONNECT can be disabled. But it is not problem of this discussion. So, how to make HTTP-S Tunnel:
1. Connect to HTTP Proxy
2. Send the string "CONNECT www.myserver.com:25 HTTP/1.0\r\n\r\n"
3. Wait for a response.
4. Check if response begins with "2" (like "200 Conenction Established.\r\n\"
then you have successfuly connected to www.myserver.com:25 through HTTP-S Tunnel.
If response begins with other - there is a prooblem..
That's all.
SOCKS Protocol is powerful, but complex to implement. You can look somwhere for free library (classes) of SOCKS client.
best regards
Svetoslav Chekanov
|
|
|
|
|
Mr. Chekanov
I had tried to test followed your solution, but the proxy server responded to error message, the error message is:
HTTP/1.1 400 Bad Request(The data is invalid.)
Via:1.1 TL_ODC
Connection:close
Proxy-Connection:close
Pragma:no-cache
Cache-Control:no-cache
Content-Type:text/htm
content-length:3672
......
......
In Proxy Server, it is only 80(HTTP) and 8080(HTTP PROXY) port availabled
In my program of client, first, I connect The proxy Server;
Second, I sent 'CONNECT smtp.163.net:25 HTTP/1.1' to Proxy Server;
third, sent two CRLF to Proxy Server;
finally, received message from Proxy Server, but the Proxy Server responded message code is 400.
I don't know how to solution the problem, Mr. Chekanov, could you give me another solution??
Thanks
Wally
|
|
|
|
|
The command "CONNECT" is only in HTTP Proxy, not www server.
Some HTTP systems combining both WWW Server (http server) + Proxy (http proxy) to listen at one port and regarding the request they guess what to do.
You doesn't explain to what port you are connecting - 80 or 8080 ?
On port 80 is listening WWW Server - so response of type "BAD REQUEST" is normal.
But if you are connecting to 8080 - where is the HTTP Proxy - then... I think the System Administrator is configuret HTTP Proxy to DISABLE COMMAND "CONNECT"...
So - the solution is to enable the command "CONNECT"
But I will suggest to you - to install on your computer (or near you) HTTP Proxy especially for testing.
That way I tun my HTTP Proxy on my own machine and testing...
best regards
Svetoslav Chekanov
P.S. Don't forget to rate thisarticle with higher value !!!
and visit www.d-bross.com
|
|
|
|
|
My HTTP PRoxy has uses Username/Password for authentication
Please advise
|
|
|
|
|
I've implemented basic authentication. You can download my changes from http://alyandon.hypermart.net/SSHProxy.zip
|
|
|
|
|
I tried your modified version. Your zip doesn't contain the .class file, so I used the old one. Now when I run jview sshproxy I get the following:
C:\sshproxy>jview SSHProxy
----------------------------------------------
S S H P R O X Y
SOCKS Proxy Server -> HTTP SSL tunnel Master
----------------------------------------------
Copyright (c) 1999 D-Bross www.d-bross.com
Free for non-commercial use.
----------------------------------------------
Params : None
Config File : "config.txt"
"config.txt": EnableLog=<yes no="">
"config.txt": SOCKSPort=<portnumber>
"config.txt": UseSHttpProxy=<yes no="">
"config.txt": SHttpProxyHost=<hostname ip="">
"config.txt": SHttpProxyPort=<portnumber>
----------------------------------------------
Number Format Error in LoadInt(80 )
USE of SHTTP Proxy Enabled.
SHTTP Proxy Host : xx.xx.xx.xx
SHTTP Proxy Port : 0
---------------------------------------
Logging : On
---------------------------------------
SOCKS Proxy Port : 8888
---------------------------------------
Error : Invalid settings for SHttpProxy ! Use of SHTTP Proxy disabled !
SOCKS Server Created.
SOCKS Server Started.
SOCKS Server Listen at Port : 8888
Please help me. Also if you can please give some information on setting up Kazaa to work with sshproxy.
Thanks
|
|
|
|
|
I had your proxy on my win2000 machine without problems, but yet, i installed winxp and put the program too.The problem is , that after filling the lines of the config.txt, I try to create this .bat archive whit the command jview SSHProxy, and it doesn´t work.
It should appear the ms-dos window and the system working, but no, I don’t understand why, and ive tried to install it plenty of times, but no solution,m the msdos window appears after starting the start.bat, and gets immediately closed, so I cant see first wheres the problem, and why it doesn’t start to sock.
Could you help me , tell me something or simply give me a tipp,
|
|
|
|