I’m thrilled to announce I am no longer a prisoner of an oppressive firewall. I’m currently working at a clients site for the next *year* give or take, which has been great, but one of the things that has really irked is the fact that their firewall is downright oppressive. Corporate policies prevent anything other than 80/443 out onto the net and stop webmail from working (to protect from viruses). This is a problem for me because I keep 2-3 dedictated linux servers for various reasons, obviously I can get to the hosted webapps just fine, but sshing in the change something on them is not possible due to the above mentioned firewall.

Thats where corkscrew comes in. its a tool that allows you to change the clientside settings for OpenSSH to tunnel over the HTTP Proxy. Of course you still have to make sure that the SSH server is listening on either 80 or 443, however this is easy to accomplish if either one or both of those ports are spare or alternately you can assign and extra ip address and avoid apache/etc listening on */0.0.0.0

I’ll leave it to the other corkscrew guides as to the particular setup. And yes its probably possible for them to block this, which is why I won’t scream to loudly. Just remember if you’re one of those people trying to prevent people from using this that I’m not trying to do anything nefarious, i’m simply a geek who needs/loves port 22.

Without debating whether hackers are good, bad or simply a myth created by companies that need extra money, the common garden variety of hacker has a lot to share with those of us that are less computer literate. Hackers spend inordinate amounts of time delving into computers, and more to the point looking at computer security. Rather than fearing the hackers, we can take a page from their book, and focus a little on how to secure your computer.

Antivirus
It sounds simple, and it is, but having a virus scanner on your computer is the first step towards securing it against intrusion. While not all viruses breach security, there are plenty that do, sending documents from your computer to complete strangers, or simply reporting passwords. It’s a good enough reason to download an up-to-date virus scanner.

Its important to note that for a virus scanner to be effective, it needs to be kept up to date. If it hasn’t got the latest patterns/definitions then you might as well not have it at all. There are plenty of virus scanners out on the market, and the one you use is about preference, the URLs below should help you out:

http://www.symantec.com

http://www.trendmicro.com

http://www.grisoft.com
Spyware Removal Tools
One of the most annoying aspects of the internet today is Spyware/Adware. Not only do they cause the computer to stop functioning correctly, various types of spyware also funnily enough, spy on you computer usage. Removing them can be a stressful and time consuming effort, the links below are useful in removing spyware, and protecting your computer against further infection.

http://www.safernetworking.com

http://www.lavasoftusa.com
Firewalls
Perhaps the most misunderstood piece of technology on the planet, the firewall is a piece of software that sits between you computer and the rest of the network, or in bigger setups, between the local network and internet. Firewalls work by stopping traffic coming into a given area, while still allowing traffic to go out.

For the price of a cheap computer you can setup your very own linux firewall, around your network, customising it down to the finest details as to what you want to let in and out. It is an important step, but one that most people do not need.

The links below are for firewall applications that can be installed on your computer and used to filter both incoming traffic, and outgoing traffic generated by applications. This will help prevent attackers from gaining access to your computer.

http://www.agnitum.com
http://www.zonelabs.com

http://www.tinysoftware.com
http://www.kerio.com
http://www.sygate.com

Encryption

Less used than even the firewall, encryption is where you encrpt files and text so you can securely pass it through the internet, without the risk of anyone snooping in on your information. There are many tools for encrypting information, perhaps the most well known is PGP or pretty good privacy, which can be used to encrypt both files on your computer and also emails that you send.

Conclusion

The above applications are not the end of your security efforts, to tell you the truth, they are only the beginning. Having a secure computer is about methodology, if you are consciously trying to secure your computer, then you will be aware when you do something that makes your computer less secure. There is not harm in being a little paranoid, and certainly no harm in protecting your assets against unwanted intrusion, on that issue, hackers have their stuff sorted out.