How to encrypt HTTP traffic (and bypass most firewalls) using SSH Tunneling with PuTTY in Windows

I’ve been using SSH Tunneling for a while now mainly to encrypt HTTP traffic when using public wireless access points.  I won’t go into detail here, just Google for “SSH Tunneling” if you need more information.  I’m also gonna assume you already have an SSH Server set up.

• Download PuTTY and save it to C:/.
• Open notepad, type in the command below and save it as securetunnel.bat (Note: remove username@ and -pw password if you prefer to get prompted for them for security reasons):
  • c:\putty -D 8080 -P 22 -ssh username@ssh_server_ip -pw password
• Double-click securetunnel.bat to connect to your SSH server.
• Open your internet browser and change its proxy settings to use 127.0.0.1:8080 as the SOCKS host.  To do this in Internet Explorer 7, go to Tools -> Internet Options -> Connections Tab -> LAN Settings -> Check “Use a proxy server for your LAN…” -> Click the “Advanced” button and set the settings just like the picture below:”

• Go to http://www.whatismyip.com and if your public IP shows up the same as your SSH server’s public IP then you’re all set!

Exchange 2007 SP1: Message rejected as spam by Content Filtering

Error Message: “550 5.7.1 Message rejected as spam by Content Filtering.”

One of our users reported that after we applied Service Pack 1 and Update Rollup 1 to Exchange Server 2007, some of the emails that he has scheduled to send daily were getting rejected with the message above.

I guess the integrated anti-spam in Exchange got updated as well.

You can configure Content Filtering in Exchange to bypass specific users or domains.

Open the Exchange Management Shell:

# To check the Content Filter configuration, type in:

Get-ContentFilterConfig

# To set the Bypassed Senders (example):

Set-ContentFilterConfig -BypassedSenders donotspamme@calazan.com, jdoe@abc.com

# To set the Bypassed Sender Domains (example):

Set-ContentFilterConfig -BypassedSenderDomains calazan.com, *.xyz.com

Important Note: BypassedSenders and BypassedSenderDomains are multivalued properties. When you use the Set-ContentFilterConfig cmdlet, it will overwrite the values of those properties. If you just need to add more senders or domains, please follow the example below.

# To add Bypassed Senders:

$x = Get-ContentFilterConfig

$x.BypassedSenders += “jsmith@google.com”, “bhope@yahoo.com”

# To remove Bypassed Senders (can only be done one at a time):

$x = Get-ContentFilterConfig

$x.BypassedSenders -= “jsmith@google.com”

# To empty the list:

Set-ContentFilterConfig -BypassedSenders $null

UK Government Laptop Sold on eBay, Including a Confidential Disc

More of these news about confidential data getting lost…

A local PC repair firm found the disc under the the laptop’s keyboard when the laptop was put in for repair.   The disc had the words “Home Office” and “Confidential” written on it.

The good news is, at least this time both the laptop and the disc have been encrypted.

Read the full article here.

Related Posts:

Backup Tape Lost – 650,000 Customers Affected

Laptop with Data on  600,000 People Stolen

12 New Microsoft Security Updates This Tuesday

It’s that time of the month again, the second Tuesday of every month known as “Patch Tuesday,” the time when Microsoft releases its security updates.

According to Microsoft’s website, they will be releasing 12 new security updates this Tuesday, February 12. Seven considered “Critical”, five marked as “Important.”

Critical (7) – Software Affected:

1. Windows
2. Internet Explorer
3. Office
4. Visual Basic
5. VBScript
6. JSCript

Important (5) – Software Affected:

1. Windows
2. Active Directory
3. ADAM
4. IIS
5. Office
6. Works
7. Works Suite

Happy Patch Tuesday fellow systems admins, let’s hope nothing breaks!

How to remove internal Excel passwords (unprotect)

This is good news for those who need to unprotect an Excel spreadsheet without knowing the password, bad news for those who actually think protecting an Excel spreadsheet is secure enough (this has only been tested on Excel files created with Excel 2003 or older).

According to this website, the passwords you enter in Excel are not used directly in protection. They are actually hashed and there are only 194,560 possible hashed values. You can then use a macro to try out all these possible combinations and a modern home computer can crack the password in seconds.

Use the free add-in below from mcgimpsey.com to remove the password for a protected Excel spreadsheet. Simply open it and you will see an extra button called “Remove Passwords.” Open the file you wish to unprotect and click the button to unlock it.

remove_internal_excel_password.xls

Here’s the macro code:

remove_internal_excel_passwords_macro.txt

IP Addresses As Personal Information

From ABC News: Peter Scharr, Germany’s data protection commissioner, said that when someone is identified by an IP Address then it should be regarded as personal information. Google disagrees with this argument and insists that an IP address merely identifies the location of the computer and a user does not always use the same computer and IP address.

Treating IP addresses as personal information would affect how search engines record data. Google, for example, already cut the time it stored information to 18 months and reduced expiration of cookies from 30 years to 2 years.

Google argues that the reason they collect IP addresses is to give customers a more accurate service by identifying what part of the world a search result comes from and what language they use, which is not enough to identify an individual user.

Read more here…

Laptop with Data on 600,000 People Stolen

Here’s another one…

A laptop containing personal information on about 600,000 people was stolen from an officer in the Royal Navy, the U.K.’s Ministry of Defense said on Friday.

The laptop contained information about new and potential recruits to the Royal Marines, the Royal Navy and the Royal Air Force, and was stolen in Birmingham last week, the ministry said.

The stolen data includes passport details, national insurance numbers, family details and doctors’ addresses for people who submitted an application to the forces, the ministry said. The laptop also contained bank details for at least 3,500 people.

They didn’t say whether the data was encrypted.

Also see this post about encrypting data with TrueCrypt (free open-source encryption software).

Backup Tape Lost – 650,000 Customers Affected

A backup tape containing personal information of 650,000 customers of J.C. Penney and about 100 other retailers went missing. Social Security numbers of 150,000 customers are stored on the tape. The missing backup tape was not encrypted…

The information was on a backup computer tape that was discovered missing last October. It was being stored at a warehouse run by Iron Mountain Inc., a data storage company, and was never checked out but can’t be found either, said Richard C. Jones, a spokesman for GE Money, part of General Electric Capital Corp.

Jones said there was “no indication of theft or anything of that sort,” and no evidence of fraudulent activity on the accounts involved.

Click here for the full article…