General :: Security - Remote Into System Workstation Behind A Firewall?
Apr 22, 2011
Let's say I have a Linux workstation at work, behind a firewall. So even though I may have a remote access server set up on it (such as the most excellent NoMachine NX Server), I can't access it from home.
My home network happens to have a Linux server. Is it possible to ssh from work to the home Linux machine and set up a tunnel so that once I'm at home, I can run the NX client, point it to my home Linux box on some port like 9000, and have that forward through the tunnel to port 22 on my work Linux box? How would I set this up?
I have been using Remote desktop on Windows 7 to view and control my Ubuntu machine in the office quite happily over the office network. No problems there. I wanted to access it from my home connection so I read that I could do this by opening a port on the ubuntu machine's firewall. So I installed a firewall. Didnt see any way to open a port easily so I uninstalled it and installed another one. Same issue so I uninstalled that and then left it. I then tried to Remote Desktop the Ubuntu machine from my Windows 7 laptop and ERROR I can no longer connect.
I switched over to Fedora a couple of days ago. I'm using the built-in firewall shipped with it but I can't find out how to enable logging of dropped packets. Among others I'd like to use psad that needs firewall logging. Is there an easy way to do this? I'm not an iptables "expert".
Senario is we have a system where root has authorised keys set up so that it can do a passwordless ssh to $WORKSTATION. I then need to run a script on $WORKSTATION as user "bob" and NOT as user "root". I do not want to set up user "bob" to be allowed passwordless ssh so any ideas how I can do this?I have tried variations of (as user "root"):ssh $WORKSTATION "su - bob; ./my_script"
if you are running Apache on a firewall system, perhaps to display a web front end for firewall configuration, how would you make sure that it is accessible only from inside the local network?
I have squid as a proxy on the Suse box, and with the default firewall I have to enable masquerading to allow clients on the eth3:1-3 to send and receive mail through the Suse box. I found the Suse firewall completely inadequate (all P2P software/connections are allowed once you enable masquerading) and had to install ConfigServer Security & Firewall. In die configuration of csf I could get my way around getting smtp to work for the eth3:1-3 clients, but pop3 connections does not go through the box. I know I need to allow port 110 and 995 to masquerade of NAT (or something) and then the same for port 22
Well since tonight, after the upgrade to the latest current today, it was about a month I didn't upgrade, I cannot "git push" from my windows workstation (through msysgit shell)... I can pull, at least it tells me I'm up to date, but it keeps blocked on the 'push' command, returning only after a long timeout:
was home when the attack took place I was running a vnc server that was tunnled thru ssh. At approximatley 5:00 pm eastern time my box turned on firefox and flashed a popup. I tried to get to the logs and then realized that the entre system had been hijacked the remote desktop icon was active there was a message in gnote saying "youve been own3d". The system Is a old mac mini PPC system and i plan on looking at the system log with a netboot cd by running linux rescue at boot. my question is how do i gain access to the system log from a rescue cd to find out how much damage this hacker did?
I have Linux computers that are often on client networks inside firewalls . They have access to the internet but I can't access them directly. I don't want to have to get the client to mess with NATing , etc . I have written a system that uses XMPP to allow me to send commands to the computers and run simple console commands which often time is enough. These are things like run a report and ftp up to server, restart a process, give me a process list. It works OK, but some networks even block this (Googletalk is not universally loved for some reason)
I am wondering if there is a prebuilt system that allows me a computer inside one firewall (say a standard adsl modem created one) communicate in some way with a computer inside a network created by another adsl modem. I could see some sort of console like logmein or pc anywhere but as much as I have looked I can't find anything. I have considered writing a cheap and cheerful system in http or even a TCP system using asyncore in python but there must be something existent. I have a server on the web that could be used as an intermediary, relay type thing. Basically some sort of chat server for consoles is what I am thinking about. Is there some sort of SSH voodoo that I could bridge/tunnel/vpn through.
Printer is connected via USB to server PC running OpenSUSE 11.1 Client PCs are running 11.1, XP, Vista No problem printing from the Windoze machines
Printing is trouble free with the 11.1 client's firewall disabled, but no printer is available with firewall running.
In hopes of diagnosing the problem I figured I'd open everything I could think of until the printer remained available with the firewall running. Then I planned to start removing exceptions one at a time 'til removing one caused the printer to disappear.
I've gone to Yast>Security and Users>Firewall>Allowed Services>External Zone and tried addingSamba Server NetBIOS server Samba Client Samba Server VNC
I have a server machine that is running SUSE Linux Enterprise Server 11. I set up a mysql server there. Now I want to access this mysql server from my laptop. I used the following command,
> mysql -h 12.246.5.70 -u davidehs -p
I found if the firewall on the server machine is running, I can not connect the mysql server from my laptop. If I stop the firewall first, and the do the connection, I can access the mysql. how to keep the firewall running and allow the remote mysql incoming requests?
I have a server machine that is running SUSE Linux Enterprise Server 11. I set up a mysql server there. Now I want to access this mysql server from my laptop. I used the following command,
> mysql -h 12.246.5.70 -u davidehs -p
I found if the firewall on the server machine is running, I can not connect the mysql server from my laptop. If I stop the firewall first, and the do the connection, I can access the mysql. Do you guys have any idea how to keep the firewall running and allow the remote mysql incoming requests?
I often get responses from people who first say: "Are you sure? You want your network to be exposed to the outside world?" I am not experimenting on a Production Server of NASA or any Security Concern Department. Friends, there is no harm in experimenting on your personal computer or on a test computer which is isolated from the production environment. Look at hackers! What do they do? If they don't know how security is breached then how would they come up with security measures?
If my question reads... "How to let any user perform Administrative Tasks on a Linux System irrespective of his/her privileges on that particular system?" then I would not get the right answers in the first place. They will say... "You are letting everyone destroy your system... are you sure you want to do that?" My question is: Why should we restrict ourselves from experimenting even if it sounds weird to other people?
I give you an example where it is desirable to let an unprivileged user perform certain tasks. You want to know if there are any employees in your office who are storing videos in their home directory and filling up the disk space to a great amount. You have a department called "Command Center or Data Center Operations or Help Desk" call it whatever you would, whose work is to monitor such activities, and you create an account "monitor" for them to monitor such activities but they are not able to do them:
I always use VNC to check my server for updates, and this morning I started the xvnc4viewer to vnc into my server and it keep asking for a password. I never setup a password because I do this local from my laptop, and I am the only one who uses my laptop. I had to go to my server and check the setting in System > Preferences > Remote Desktop and found them all changed. There was a password setup and there was a check mark in the you must confirm each access to this machine there some security update that changed all these setting? Sometimes when I do updates I don't know what is being changed on my server
me using opensuse. when i wnat to access it from a remote system using ssh.the following error occur. permition denied (publickey,keyboard interactive)
I want to remote login as a non root user and then run a command under the root account.I have set up the ssh/scp for the non root user and this configuration works fine. What I dont know is how to run a command under root once remotly logged in as the non-root account.I have to run this command under root, it cannot be changed.
i was browsing one of my friend hard drive using knoppix live CD, i was amazed to find that all the folder which he uses was empty, there was no files present in them, for example there was a folder in /usr/local named web, but when i browsed that folder using knoppix it was empty.I searched for files in every partition but still no result found.
After some time when i placed hard disk back and booted the PC normally, everything was in its proper place. Then i thought to make image of the hard drive and use it on my PC, the image booted well, but still those particular files were missing. I want to know how is that possible? Is there any way to get files from the remote system during bootup?
I have Ubuntu running on an old PE server. It is running Virtualbox with an instance of Ubuntu inside. The instance is there to run my honeypot.
The server box IP is192.168.1.10. The Virtualbox is bridged with it's own IP of 192.168.1.200. The honeypot daemon is listening to 192.168.1.201 with arpd.
I set up the UFW with DENY. And then enabled only the ports leading to the honeypot scripts which are abound to IP .201. I then forwarded the ports necessary to run VNC to .200.
Here is the UFW status: buntu@ubuntu-desktop:/var/lib$ sudo ufw status Status: active To Action From -- ------ ---- 192.168.1.201 21/tcp ALLOW 21/tcp 192.168.1.201 4444/tcp ALLOW 4444/tcp 192.168.1.201 5544/tcp ALLOW 5544/tcp
So I've read a bit and it seems that this is okay and secure. But I wanted to double check here with everyone, because I trust here more than just about anywhere. I've read about the hipporemote (which is pretty cool) and I have it working. Basically I want to make sure my system is still secure.
1. I had to open a port on my firewall for the VNC connection.
2. I turned on the Remote Desktop 2a. Checked Allow other users to view.... 2b. Checked Allow other users to control.... 2c. Checked You must confirm..... 2d. Checked for password, and put in a password 2e. Checked Configure network automatically to accept connectios
So with doing all of that, am I ok? I think so, especially since it says its only accessible on my local network. But I just wanted to hear from people who know more than I do that I don't need to worry any more than normal about others accessing my machine. I'm mainly thinking 2e, I don't fully understand what's going on there.
