• 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle
  • I would be hesitant to put a squid proxy directly on the Internet as there is a history of vulnerabilities in that software and afaik a bunch of them are yet to be fixed.

    First of all I would advise against trying to bypass the security controls your school implemented, but if I hypothetically would attempt to do what you’re trying I would probably set up a haproxy on a dedicated piece of hardware, such as a raspberry pi, and expose 443 to the Internet. I would configure a simple static website to serve as default, and add a ssh backend like in this guide: https://www.haproxy.com/blog/route-ssh-connections-with-haproxy

    Now you can SSH to your backend by wrapping the connection with openssl s_client. From here you can do a dynamic port forwarding, which essentially acts as a socks proxy and finally connect to that with firefox

    edit: slap a tls cert on that too for good measure. Helps with hiding the ssh traffic