Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: OpenSSH and ftp tunnel

from [Patrick Morris] Network Security [Permanent Link]
Subject: Re: OpenSSH and ftp tunnel
Date: Tue, 14 Nov 2006 08:58:35 -0800
Christopher Reagoso wrote:
Looking for a FAQ on using OpenSSH to create an inbound secure tunnel to an insecure FTP server on a Windows 2003 server host.

Any good references I've been missing...?
As far as protocols go, FTP is a pain in the butt, which is one of the reasons SFTP exists.

The problem is that you won't be able to set up one tunnel to handle all the connections (either one inbound and one outbound in the case of active FTP, or two inbound in the case of passive). In the first case you have an outbound connection to a random high port you probably won't be able to predict at the time you're setting up your tunnel, and in the second you're going to have a connection coming in from some random high port on the client to some random high port on the server that, again, you won't know at the time you need to set up your tunnel.

You'd probably be a lot better off with SFTP, or one of the FTP servers that supports SSL.

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Scp & sftp with no shell access or restricted access, NBaronian
Next by Date:  RE: OpenSSH and ftp tunnel, MARTIN Benoni
Previous by Thread:  OpenSSH and ftp tunnel, Christopher Reagoso
Next by Thread:  RE: OpenSSH and ftp tunnel, MARTIN Benoni
Indexes:  [Date] [Thread] [Top] [All Lists]