How does SOCKS configuration works on firefox? - firefox

I'm using a manual proxy configuration on Firefox to use a SSH tunnel and everything works fine. However I try to understand how does it works. From my understanding Firefox is just transferring every request to the specified port but I'm not quite sure of what does it means. Also what happen when I don't use a proxy? I guess Firefox is using an other port or something? Basically I'm trying to understand how a web browser connects to internet.

Related

Testcafe Localhost behind has issues?

Using the latest version of Testcafe...
I'm behind a corporate proxy. Using --proxy myproxy:proxyport works fine. but when I try to use localhost, it continually responds with service not available. I have now added --proxy-bypass localhost:8080. But that has the same result.
Has anyone else experienced issues with Testcafe behind a corporate proxy -- and using localhost?
It is likely that localhost:8080 is incorrect. You need to set up your own port here.
In addition, you can simply use the following record:
--proxy-bypass localhost
In this case, all localhosts will be ignored regardless of the port.

How to use direct connection applications behind a kerberos proxy

I have a corporate proxy using Squid and kerberos for authentication, the proxy is configured for standard use, I.E allow http, https, a few others and block everything else. Now, there are many applications that support basic proxy authentication, but do not support Kerberos based authentication and many others that connect directly to the internet. I used Proxifier before the upgrade to kerberos to make my applications use the proxy, but I cannot do so now. I then installed an application called PX to create a proxy that connects to kerberos, but the proxy it creates is a simple HTTP Proxy and proxifier doesn't work correctly with it. Anyone has a setup for a situation like this?. I use Windows 10 and I obviously don't have access to the server where squid is configured. The application I need to connect to the internet uses standard https ports, it's not a torrent application nor anything that uses the ports blocked by squid. Thanks in advance.
Ok, for this particular case I've found the following setup to solve 99% of my problems.
First get Px here https://github.com/genotrance/px
Next get Fiddler: http://www.getfiddler.com/dl/Fiddler4BetaSetup.exe
Configure PX with your user and your domain and run it. By default it creates a running proxy on 127.0.0.1:3128
Configure your sistem proxy to use the proxy supplied by PX.
Execute fiddler, it should create ANOTHER proxy at 127.0.0.1:8888
Use this proxy in your apps. Proxifier should work as well.
Why use fiddler and not the direct 127.0.0.1:3128?, PX creates a pure http proxy and fiddler allows to tunnel https and connect request through it.
Any requests will pass through fiddler which will redirect them to the PX proxy which will redirect them to the squid proxy (So expect very slow speeds).
In the end since you're just redirecting your apps towards your proxy, if your proxy bans using regex expressions or direct IP connections some apps will NOT work, and in these cases using TOR or a VPN is the only real solution. Hope it helps someone avoid all the headaches I went through.

websocket connection fails in Ubuntu 13.10

We're having a weird problem at work and I'm hoping someone here can give me some ideas on how to troubleshoot it.
The problem is that I cannot make websocket connections from my Kubuntu 13.10 workstation. I've tried from both Chrome and Firefox. I'm behind a proxy and first I thought that must be the reason. However, I got some coworkers to try to connect to the same websocket echo demo and all of them were able to, except one. He was the only one running Ubuntu (same as me), the others were on Mac, Windows and even one on RedHat! Theirs all worked fine.
Ok, so now for the really weird part. I created and ran a virtual machine on my workstation (the one that couldn't connect). The VM is a Lubuntu 13.10 and what do you know, the darn thing establishes a websocket connection just fine!
So any ideas on how to troubleshoot this or even some suggestions for solutions would be very much appreciated.
Ugh... well that one was dumb.
So it turns out that in Linux you can check a checkbox in your Network Proxy settings (the system settings) that will use the same proxy for all protocols.
Yeah... don't do that!
Unless, that is, your proxy server supports SOCKS as well as HTTP/HTTPS/FTP (highly unlikely).
It turns out that if you check that checkbox, your proxy server will be registered as a SOCKS proxy and for some reason, websocket connections in both Chrome and Firefox will want to use that. So your HTTP proxy will end up getting a bunch of weird SOCKS handshakes that it doesn't understand and any websocket connection will fail.
This was tested on both Ubuntu and Kubuntu and the "problem" exists on both.
TL;DR; Don't check the "Use this proxy server for all protocols" checkbox unless your proxy server supports the SOCKS protocol. Instead, manually fill in the same server for the different protocols (http, https and ftp) but leave the socks protocol empty (or point to an actual socks proxy server).

How to trace a webrequest created in code sent to a local address

This issue is occurring in a C#, .NET 4.0 environment. I tried using Fiddler but it doesn't show up. After searching around, the suggested solution was to change the address of the request from localhost to the machine-name.
This worked on my local machine: after changing the call from localhost to my-machine, fiddler picked it up. The real issue is on a client's staging environment with production code. I can not modify the code there to take this change.
Note, as far as I know, on the client site it should be making the request out to the host name and not localhost anyways.
Also, on my local machine I actually hit localhost in my browser, and it seems to pick those up fine. Just not the request built in code. Why is that?
Thanks!
It sounds like you're saying: "This works fine on the client's PC but not on my dev PC when using Localhost." Is that correct?
In IE9, I changed WinINET to enable Fiddler to capture loopback traffic from the browser. Sadly, the .NET Framework hasn't yet adopted support for the <-loopback> token, which means that traffic sent to 127.0.0.1 or localhost bypasses the proxy.

A script that download a file and rename

I'm facing an little issue here. At the place I live, they shape the download speed by extension (using delaypool). Is there any script that I can run on my web that will let me enter the URL of files that I wanted to download, then it will download the file and rename it to "originalfilename.abc" (because .abc is not shaped)then save it on my web where I can download it. By the way, I have a paid webhosting service.
Thanks
I tried the SSH (my web hosting does indeed provide me with shell access) but all I get is a blank page in my browser. No error. Please advice.
Also, reason I choose script on the server instead of SSH because I though that SSH would be slower than direct HTTP download from my webserver. Can anyone point that out if I'm right or wrong with my thinking.
Thanks
You can write a vbs script or even batch file script that will go to a designated URL, and then download the file, then rename it. Then you can script FTP commands to upload to your webhosting service (I'm sure it has an FTP site for access). You could load this as a scheduled task, or run it manually.
I'd do either one of these routes.
A simpler (once its set up anyway ;) option I can think of is going through a secure tunnel. Whilst this is not quite answering your question I believe this to be simpler while achieving the same thing.
Get an SSH Client (Putty) and get a free Proxy. If your web-server has an SSH-server you can use it as Proxy as well of course, I am using my modified router at home as proxy via DynDns, but the Tor-Network will work, if very slow, so do other official free and paid proxy servers. If you are using an application to download that does not have the option to specify a proxy, get Proxifier Portable.
Use Putty to create the tunnel. Here some how-tos:
http://oldsite.precedence.co.uk/nc/putty.html
http://www.techrepublic.com/blog/security/use-putty-as-a-secure-proxy-on-windows/421
http://kimmo.suominen.com/docs/proxy-through-ssh/
And set your application to use your proxy (or actually to use putty which connects via SSH to your proxy) by entering 127.0.0.1:1080 into the proxy settings. Alternatively, if the app does not have an option to enter proxy settings, add 127.0.0.1:1080 to your Proxifier proxy list and add the applications that are supposed to use that connection to Proxifier.
Now you can do pretty much everything without anyone eavesdropping your connection stream being able to tell what it is, as the connection stream is SSH encrypted. This includes surfing websites that your provider/company/mother has blocked, download anything - even if blocked by IP/name/whatever-filters and even play MMORPGs from work (something which I do not recommend because it will get you fired and there is always some way for someone to figure it out, just saying it is possible to do even in secured company/school networks as Port 22 (SSH) is usually one of the 2 Ports which are open on pretty much any network (the other one being port 80)).
Its a wee bit of a pain to set up. Once it is working though, you can even put it on a usb-stick and use it pretty much anywhere as long as you remember what proxy to connect to. And you wont have to rewrite scripts to try to circumvent the delaypool thingy.

Resources