Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Two-hops SSH tunnelling

from [Giancarlo Razzolini] Network Security [Permanent Link]
Subject: Re: Two-hops SSH tunnelling
Date: Wed, 24 May 2006 14:12:46 -0300 
Loris Serena wrote:

Guys,

I managed to get the following working:

----------------------------------------------------------------------------------------------------

A firewall between SERVER and CLIENT only allows TCP port 22 from
SERVER to CLIENT (but not viceversa!)

   SERVER    -------22------>   CLIENT

What I would like to achieve via ssh tunnelling is to send TCP port
1984 traffic from CLIENT to SERVER:

   SERVER    <-----1984------   CLIENT
------------------------------------------------------------------------------------------------------


by running (on SERVER):
$ ssh -f -N -R 1984:SERVER:1984 CLIENT


Now I'd like to add the next (and last) bit of the configuration to the
picture:

There is another firewall between CLIENT and GOOFY, again only allowing
TCP port 22 from CLIENT to GOOFY (and NOT viceversa!):

    SERVER    -------22------>   CLIENT   -------22------->   GOOFY

What I would like to achieve via ssh tunnelling is to send TCP port
1984 traffic from GOOFY to SERVER (through CLIENT):

    SERVER   <-----1984-----   CLIENT
    SERVER   <----------------(CLIENT)----------1984------   GOOFY

Please note that:
a. the remote forwarding of 1984 from CLIENT to SERVER is already working;
b. there is no native process on CLIENT listening on port 1984.

I ran `ssh -f -N -R 1984:127.0.0.1:1984 GOOFY` on CLIENT,

but testing that with telnet from GOOFY, it failed as follows:

[GOOFY]$ telnet localhost 1984
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused


So, how do I do that?
Any security issues I shold be aware of?


Thanks in advance

Ciccio


I've already had this problem when using putty and on some linux ssh
clients. The first tunnel works, but the tunnel inside the tunnel don't.
I solved it ensuring that the tunnel is an ipv4 one. So, instead of the
-R, -L or -D switches, you put the -4R, -4L and -4D switches. This way
you ensure that the tunnel will work. The problem i had was that ssh
tries to auto detect the ip version, and had problems detecting the ip
version when creating the tunnel inside other.

My regards,

-- 
Giancarlo Razzolini
Linux User 172199
Moleque Sem Conteudo Numero #002
Slackware Current
OpenBSD Stable
Snike Tecnologia em Informática
4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85

Attachment: signature.asc
Description: OpenPGP digital signature

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Kerberos 5 authentication without password?, Jeff Blaine
Next by Date:  Entering the Passphrase through stdin, Richard L Ross
Previous by Thread:  Two-hops SSH tunnelling, Loris Serena
Next by Thread:  Re: Two-hops SSH tunnelling, Robert Hajime Lanning
Indexes:  [Date] [Thread] [Top] [All Lists]