Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: SSH Port Forwarding and X11 Question !

from [Barry Brimer] Network Security [Permanent Link]
Subject: Re: SSH Port Forwarding and X11 Question !
Date: Wed, 15 Nov 2006 21:43:04 -0600 (CST) 
I have Server A (Solaris)which needs to run a grpahics program.
Server A resides behind a Firewall.
Server B (Solaris) has access to Server A through ssh. There is a Firewall
Rule that was implemented to allow ssh traffic from Server B to Server A.
Both Server A and Server B do not have Graphics monitor attached to it.
I have PC C in which I'm running cygwin (X server). I would like to display
the grpahics program that is invoked on Server A on my PC C. My PC can ssh
(using putty) to Server B as they are in the same network.

Obviously, when I export the display on Server A to my PCs IP address, I'm
getting "Can't open Display" because Server A cannot talk to my PC directly.

I am not familiar with Solaris, but if it works the same as RHEL, this should work.

1.  Start X server on PC C.
2.  Configure Putty to use X11 on "localhost:0".
3.  Ssh to Server B.
4.  Ssh with Xll forwarding (usually ssh -X) to Server A.
5.  Run X Application.

The key is that by using the above method, your X traffic will be wrapped in your SSH connection which can traverse your firewall. When you export your display, you are not wrapping your X traffic in an SSH session, and most likely, it will not be able to traverse the firewall.

Barry

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Scp & sftp with no shell access or restricted access, Johan Swensson
Next by Date:  Re: Scp & sftp with no shell access or restricted access, Mark Senior
Previous by Thread:  Re: SSH Port Forwarding and X11 Question !, Javier Reyna Padilla
Next by Thread:  Tunnel goes haywire, Greg Bell
Indexes:  [Date] [Thread] [Top] [All Lists]