General :: SSH Tunneling For Bypassing Firewall
Aug 4, 2010
I am on Linux on machine LOCAL (my notebook). I ssh into a company machine REMOTE which is behind a firewall and ONLY allows incoming ssh connections (port 22), no outbound connections whatsoever. I do have full root access on both LOCAL and REMOTE; REMOTE is however a VPS and behind a hardware firewall. I now need network access on REMOTE (HTTP and other protocols) for downloading and building some software. I also need access to NON-HTTP protocols such as git.
I was hoping to set up a reverse SSH tunnel for using my LOCAL machine, where I could be running a socks server, so that network access on REMOTE would be redirected over the SSH tunnel to a socks server running on machine LOCAL. How would I go about setting something like this up?
Mar 28, 2010
I have a local computer (local), and a remote computer (remote) behind a remote server (server). Also, I have user access to all 3 of these machines. Now, I want to mount some directory, located at remote, to my local mount-point via sshfs. How should I set up my local sshfs and what should be done on server to make this mounting work?
I'm stuck with ssh tunneling because the default method for tunneling requires root access while WinSCP somehow could do this with only user access (the tunnel server could be configured there in 'tunnel' panel).
May 19, 2010
I am having trouble accessing social networking sites like orkut due to govt restriction.
Jul 14, 2011
I have a machine called ic that I can ssh to. There is another machine, fw, that is on a completely different VLAN, and I cannot talk to it. ic is on both my VLAN and the VLAN that fw uses, and so my usual procedure for sshing to fw is to ssh into ic and from there ssh into fw. If I wanted to script this action, however, how could I get it to work?
I tried ssh root@ic "ssh root@fw", but this results in the message Pseudo-terminal will not be allocated because stdin is not a terminal, and then I get three messages from fw, presumably because it has null input:
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
Feb 28, 2011
There is a UDP video stream accessible only on the local network, but I need to access it outside of the network. I have a Linux machine (multiple actually) with root access. There is a small utility that makes the stream accessible on the local machine on port 1234.
./ping -h streamserver -p 1234
If I run it I can access the stream using vlc or mplayer.
mplayer udp://@:1234
vlc udp://@:1234
Now, I'm trying to create a port forward from my remote machine and access the port, but it is failing.
ssh me@machine -L 1234:127.0.0.1:1234
Jan 29, 2010
I'm having trouble ssh tunneling through two servers to get to my database. Server3 is restricted to all except from server2 and I'm at server1. So on server2 I do ssh -L1434:server2:1435 -l user server2 - this works, I'm able to connect to the db on server3 from server2. But on server3 I'm trying to ssh -L1433:server2:1434 -l user server2
- and I get 'connection refused'. I tried telnet server2 1434 from server3 and I get 'connection refused'. I checked the firewall is open on server2 - firestarter confirms that port 1434 is open to everyone. I'm not sure what I'm doing wrong, but I have a hunch that maybe firestarter on server2 is not working correctly, because it also shows that port 22 is open to everyone and I can telnet server2 22 and I'm able to connect.
Feb 18, 2010
I have done some research on the net and I am battling to find effective methods in order to bypass those irritating ISP traffic shapers. I have used SSH tunneling to reduce latency (which is my primary goal, I don't care about silly torrents, etc.) by about 200ms.
Do you know of any other way that I could improve this latency? When I ping my server in Germany (from South Africa) I get a latency of about 185ms... I was hoping to get online gaming traffic to around about 250ms or even less if possible... Right now it's sitting on 550ms WITH SSH tunneling and 800ms without it... (to Blizzard servers)
Jul 26, 2010
I can bypass our firewall in IE. They use wildcards, like 10*. I've tried 10.100.0/16, but am still getting to our firewall. How can I specify the correct settings for Firefox?
Nov 16, 2010
I was under the impression that Linux (in my case the Fedora OS) is very secure. However, I've learnt with deep concern that one can have access to the system during system startup, i.e. one can give various startup directives and bypass the normal login UI to have direct root access.
Is there a way to disable this so that the directives during startup are fixed and cannot be altered? I would like to make the system secure to the maximum extent possible.
Sep 1, 2010
I set up an SSH server on my computer on a very high port, so that my brother could surf the web through my computer from Iran, since the majority of websites are filtered there.
Today, he told me he cannot connect to my computer. That's why I got suspicious that they are doing packet based filtering instead of port. Then I decided to change the port to 433 for https, but one of my friends told me that they just banned https in Iran as well.
I was wondering if there's any way I can manipulate SSH packets between two computers so that my brother's ISP won't figure out he's exchanging SSH packets?
Jan 17, 2010
I have a user that has already used up a demo 24hr trial on my website. At present, I only check the customer id and the IP address to search for duplicates. On the whole this works but it's not foolproof. We now have 1 user from China that is changing their IP address every day to get access to the free trial. Any options on what to do? I thought of downloading a cookie to their computer that the website could pick up - again not foolproof but most people don't disable cookies. Any other options?
I could ban China temporarily until the user gives up but if they find another proxy to chain then their IP address will be different again.
Apr 27, 2011
I know this isn't directly related to Ubuntu (even if the rest of my network is pure Ubuntu!), but I haven't had any luck uncovering this info through the usual channels. Does anyone know which port Android 2.2 on a VIA wm8650 uses to access the Internet? My Wifi is routed through a Linux firewall (Ipcop) which forces normal outbound Internet traffic via normal ports (80, 8080 etc) through the ipcop proxy, but the wm8650 somehow bypasses the proxy. I don't know whether I'm just missing the port the tablet is actually using.
Jun 3, 2011
I am looking for a way to permanently delete files immediately - no trash, no taking up space but a command to make a file immediately gone. I have a USB flash drive and it has a hidden .trash file on it that builds-up until I have no more room on the flash drive - all space taken up by deleted files. I need a command that bypasses the trash and immediately deletes a file for good making space available.
May 26, 2010
I am not sure whether it's possible or not. We are running a squid proxy server for our office. We restrict users' access to the internet using ACLs. There are some who do the following:
1. Create their own proxy on their box, which has internet access.
2. Other users use those boxes as a proxy and access the internet.
Apr 11, 2010
I was running an Ubuntu server on another PC which has no keyboard. Only power and LAN cable are connected and I was remotely administering it from my desktop PC. When I turned that server PC on earlier, it went straight into the user login screen of Ubuntu server. But right now I see the grub menu list, which is expecting the keyboard Enter input. How do I remove that so later on I don't need to plug in the keyboard and hit Enter to go to the server login?
Apr 23, 2011
I'm trying to back up my old PC games so that I can finally banish their CDs to the attic once and for all. I've just been using the DD command to grab ISOs of my games so far, while keeping their keys in a text file (see the DD command below). However, I just hit my C&C collection and I'm having some problems with some of the newer games like Renegade and Yuri's Revenge. I think they must be copy protected or something. 4 of my last discs have stopped copying at exactly 1.7MB (3 separate DVD drives, 2 IDE, 1 USB enclosed). Can you guys think of anything else that will cause DD to fail at this location? Any ideas? I'd prefer it to be a command line option, as I'm trying to make things go as quickly as possible. Here's the command I've been using. code...
Mar 25, 2011
I suspect this is an initial configuration bug. All firewall logs seem to be going to all three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
May 18, 2010
I am learning to set up a firewall in my home. For that I have selected four systems (sys1, sys2 ... sys4) for testing. I have configured sys2 to act as a firewall with two NICs. sys3 and sys4 are inside the firewall. sys1 is not connected to the firewall, for testing purposes.
The IP assignments are as follows:
sys1 : ( fedora, not connected to firewall I am thinking, but I am not sure )
IP : 192.168.2.1 ,
gateway : blank
dns1 : blank
dns2 : blank
sys2 : ( firewall, IPTABLES )
code....
What happened is that sys1 (not connected to firewall) can ssh to sys4 (connected, inside firewall), since the rules are written not to ssh from sys1 to sys4.
Then I came to know that whatever request I give, it directly goes as sys1 --> sys4, not as sys1 --> sys2 (firewall) --> sys4, and the firewall is not filtering and processing anything for both inbound and outbound (I think it's my mistake somewhere). The requests are directly going inside without the firewall.
Feb 1, 2011
I currently have SSH set up on my network and facing outwards so that I can use my private key to authenticate and remotely administrate my server along with the ability to use SSH tunnels when needed to encrypt my traffic. However, I want to be able to give a friend access and use my server as an SSH tunnel. I do not want him to be able to execute any commands or write any files, just to create an SSH tunnel. Although it would not be too much of a large issue if he could write to his own home directory, I just want to ensure that he isn't able to browse around the whole file system and keep it as simple as possible.
Mar 7, 2011
I tend to not use webmin, but there's just some things I don't want to deal with via command line. I know that having Webmin require an SSH tunnel is possible, but I'm not sure how to approach it.
Feb 27, 2011
I am trying to set up a version of OzymanDNS but am not quite sure I am understanding part of the instructions found here. My domain/website is hosted with a web hosting company, using their name servers. I have added a sub domain [URL], using an A record to send any requests for [URL] to my home IP address, where I have a server running. Do I need to also add the code below to my server at home which has BIND installed or are the instructions expecting that I have full control of the main name server already?
Code:
tunnel.example.com. IN NS www.example.com.
www.example.com. IN A 123.123.123.123
May 27, 2011
I'm trying to build a firewall on Debian with 'Firewall Builder'. But it won't let me compile and run unless one interface is set as management. There are two interfaces on my computer: 'eth0' and 'lo'
I don't want to be able to configure firewall remotely, so could I use 'lo' as 'management interface'?
Feb 2, 2011
I want to be able to SSH into my computer that I can't expose port 22 on. I've tried the ssh -R ... several times, but can't manage to make it work. I have my home computer (want to SSH into), server (can SSH into), and some computer I want to SSH from. Do I need to install the sshd on the machine I want to SSH into? What are the commands I need to enter to forward from my server to my home computer?
Mar 14, 2011
I am trying to tunnel through my college's free AP so I can get access to protocols outside of http and https. The school has an in-browser DNS redirect until you log in. The output of "cat /proc/version" on the server OS is "Linux version 2.6.35-27-generic (buildd@palmer) (gcc version 4.4.5 (Ubuntu/Linaro 4.4.4-14ubuntu5) ) #48-Ubuntu SMP Tue Feb 22 20:25:29 UTC 2011". The client OS is Windows 7. What I have done so far is use Proxy Cap to redirect applications to a Putty tunnel connected to the server. Eventually I want to tunnel that SSH connection through my school's firewall, so that I can keep encryption and have a reasonable amount of ease with setup.
I am not particularly educated on the inner workings of the DNS redirecting so I was not sure what to search for. My attempts to connect Firefox over normal http proxies failed and since all ports are blocked besides http and https I didn't attempt any socks or SSH. I have also tried simply hosting the SSH server on http ports with little success. I hope that I can do this without having to purchase a domain, but that's starting to seem like that won't be the case.
Feb 24, 2010
I have been ssh tunneling, which works great. I can browse the internet by simply tunneling my traffic through my SSH server. The following command: ssh -ND 9999 username at myserver.i cant postlinks. is all I have to type, and I can connect to a SOCKS proxy server on localhost:9999. My problem is that I have an application that only supports HTTP proxies. Is there any way I can get it tunneling over the socks proxy?
Jul 3, 2010
I bought a mlb.tv to watch baseball games online and they have blackouts for local teams. I tried to use a proxy sock to bypass the blackout, but for some reason they know my location because I'm getting the blackout. I checked to see if they were just checking for proxies, and I tried to watch other games not in my area and I was able to watch them. I use this command on the ssh client "ssh -D 9090 user@domain.com" and I change the setting on my network. I do an IP lookup and the IP address is from the server location. I don't want you guys to tell me how to bypass, I just want to understand how they know my location.
May 7, 2011
I am trying to use the ssh reverse tunneling through the command
Code:
ssh -l login -p port <ip address> -R <remote port>:<local Ip>:<local port>
in order to enable someone on the remote host to connect to my machine through the command
Code:
ssh 127.0.0.1:<remote port>
However, when I try to execute the first ssh command above I get the warning
Code:
Warinning: remote port forwarding failed for listen port <remote port>
The problem always happens when the remote host I have tried to connect is my Fedora 14 machine. I can do that when using an Ubuntu as the remote host.
Mar 23, 2010
I am currently setting up an old box to serve as a general, quality router/fileserver that should give me fine control over my network traffic. This router will serve as the bridge between several local users and the Internet, along with quite a few machines. Traffic is expected to be heavy, in the sense of multiple powerusers using the Internet to the fullest, not from one machine doing anything insane like Torrenting. The connection profile will reflect lots of up and down, not necessarily a huge number of persistent connections. Due to security concerns, the need to build an encrypted tunnel between a SoHo LAN and a dedicated server is inescapable. I'm trying to determine whether I can pull this off with a simple SSH tunnel on the box serving as the local router, or if a VPN (either PPTP or L2TP) is a more appropriate solution. Proxying won't work, because not all apps can easily be socksified across the Windows, GNU/Linux, and OSX platforms that the users will need. For this reason, I have to pull this off strictly at the router level.
I'm not all that familiar with the specific details of each protocol's performance as far as their latency, efficiency, overhead, and fault-tolerance are concerned. I'm less concerned with a protocol taking up CPU than I am with useless bytes and latency it might be introducing to the link. I don't know the low-level nitty gritty of how each protocol encapsulates its traffic. If there is an existing package for this, it would be great, but at this point I'm simply trying to figure out which protocol is more appropriate before I begin digging in the wrong direction. The biggest concern, of course, is that the chosen protocol aggressively re-establish sessions should the connection suddenly drop, which will be a concern given the SoHo line I'll have to work with. The actual outbound server is no concern, as it has four cores and a Gbps line.
Jul 15, 2010
I am using bshellz and I want to know how I set up ssh tunneling in Firefox when I am surfing the web. I am a newbie when it comes to ssh tunneling.
Oct 7, 2010
I need to allow connection to some users on a server with key authentication so that they can set up a tunnel to access a web application. But I don't want them to have access to a shell.