Security :: SSH Tunneling And Still Show Location
Jul 3, 2010
I bought a mlb.tv to watch baseball game online and they have blackout for local teams. I try to use proxy sock to bypass the blackout, but for some reason they know my location because I'm getting blackout. I check to see if they were just checking for proxies and I went and I try to watch other games not in my area and I was able to watch it. I use this command on the ssh client "ssh -D 9090 user@domain.com" and I change the setting on my network. I do a ip lookup and the ip address is from the server location. I dont want you guys to tell how to bypass, I just want to understand how they know my location.
View 1 Replies
ADVERTISEMENT
Mar 28, 2010
I have a local computer (local), and remote computer (remote) behind of remote server (server). Also, I have user access to all of these 3 machines. Now, I want mount some directory, located at remote, to my local mount-point via sshfs. How should I setup my local sshfs and what should be done on server to make this mounting?
I'm stuck with ssh tunneling because the default method for tunneling requires root access while WinSCP somehow could do this with only user access (the tunnel server could be configured there in 'tunnel' panel).
View 5 Replies
View Related
Feb 16, 2010
I am attempting to set up a VNC with ssh tunneling for remote desktop between my laptop (opensuse 11.2) and my desktop (kubuntu karmic) and using the instructions here: [URL] and here: [URL] but I am having trouble getting remote desktop to work once I establish the ssh tunnel
I start out with
Code:
ssh <user@remotepc> -p <non22port> -L 5900:localhost:5900
That seems to wok and connect properly
The problem comes when I try to use a remote desktop client on the laptop to initiate the VPN desktop sharing and point it to
Code:
localhost:5900
Thats when I get a notification on the host saying:
Code:
Refused uninvited connection attempt from 127.0.0.1
And on the laptop I get:
Code:
VNC server closed connection
I have tried messing with the few settings in Krfb, but none seem to have any impact. How do I open localhost:5900 and allow VPN tunneling to the host machine?
View 2 Replies
View Related
Apr 4, 2011
Basically, whenever I am on an unencrypted wireless hotspot, I open up an SSH tunnel to my home server to do all my browsing for the privacy and security it provides.But I got to thinking, and now I am curious, if I am visiting a site like gmail for instance that always uses SSL/TLS for it's connections, is there any added benefit to also using an encrypted tunnel? or is it perhaps superfluous to use both
View 3 Replies
View Related
Aug 22, 2010
I have openSUSE 11.3 Gnome installed. The nautilus address bar shows the "Button Bar" and if I press Ctrl+L it swaps to the "Text Location Bar". The Text Location bar is where you see the full path to the directory that you're viewing.But I can't set the default addressing to the Text Location Bar.What else should I do to get the text location bar (i.e. the full path) to be the default view in the address bar?
View 4 Replies
View Related
Dec 1, 2010
I installed Ubuntu 10.04 only be dismayed to find ${HOME}/bin FIRST IN THE PATH. I blogged about it at my blog (I sudo an xterm rather than just sudoing to get a different background for the sudo'd xterm): [url]
I agree that some new user should probably not be logging on as root. But if the replacement for 'ls' is in their ${HOME}/bin/ the sudo'd shell inherits the same PATH, umask, and everything else! In general I take a dim view of a sudo only way of doing things. It seems to cause more problems than it solves for disciplined, knowledgeable users. In the case of Ubuntu it caused me to create a /root folder for root to reset the umask back from 077 which is what I use over to 022 which is what root should use. The /root/.profile of course made sure there is no /home/me/bin in the sudo'd PATH. It didn't matter because somebody is not just SETTING the file perms and is instead calculating them based off of modifications to the umask. JUST SET THEM! I ran into a problem with GRUB getting things fouled up because I was having to remove the new kernels and instead of using the command line option (much prefereable) used Synaptic Manager instead: [url]
In fhe case of an infection living in a user's file space you really should want to go in to clean it out as some other user than the user that is infected. Having said that the hackers seem to be going for the whole enchilada right off the bat. A WARNING is in order here. DO NOT USE A ROOT ACCOUNT OR SUDO FOR NORMAL TASKS! But please put ${HOME}/bin last in the PATH or preferably don't even put it in the PATH at all. Let users add it themselves if they want it. Also once hackers figure out that hijacking a sudo tty (from what I just read else-where here I would say several hackers are working on doing that right now - sendmail my ****) is a dandy way of doing things you really will need to provide for ways of cleaning a user infestation out by going at it some other way than through that infected user. A lot of Ubuntu users have only one login account, the one they created when they set the machine up.
View 9 Replies
View Related
Jan 22, 2010
I've got this in my Apache2 config (on a Ubuntu 9.10 server):
Code:
<VirtualHost _default_:443>
DocumentRoot /srv/svn
<Location /repos>
DAV svn
[Code]....
When I comment out the "allow from" line, I have no access to this server at all, but when "Allow from 127.0.0.1 172.23.120" is activated, I can also access that location from other IP's (I can even access it from the internet).
What I really want is access limited to the IP's in "Allow from" because I don't want anyone accessing our subversion repo's from anywhere else.
View 5 Replies
View Related
Jan 4, 2010
Quote:
alexander@osiris:~$ uname -a
Linux osiris 2.6.31-14-generic #48-Ubuntu SMP Fri Oct 16 14:04:26 UTC 2009 i686 GNU/Linux
I tried to change the sys_call_address to another location in memory. The result was an OOPS!
sys_call_address is of course not exported, so I found it using:
Quote:
grep sys_call_table /boot/System.map-2.6.31-14-generic
c0577150 R sys_call_table
My kernel prog looks like:
Code:
#include <linux/string.h>
#include <linux/smp_lock.h>
#include <linux/init.h>
#include <linux/module.h>
[Code].....
View 5 Replies
View Related
May 5, 2011
We have setup a separate partition to keep our audit files, but I am at a loss to figure out how to redirect the log files to be stored there instead of the default.
I am sure it is a simple matter but I have been unable to locate the information.
View 1 Replies
View Related
Apr 12, 2011
I am implementing hard drive encryption. I wish to pass a key file to the crypttab from an NFS mounted location. But I could see that the disk encryption process starts very early during the booting process, before fstab is run. I could not find which script, in rc5.d, starts this service. And I am confused on how nfs mount are performed from fstab, as the network service starts at a very later stage than after fstab is called to mount the local partitions/disks. In my case, I have to wait until the nfs is mounted and then call the /dev/mapper mount (in fastab) to mount the encrypted partition.
View 2 Replies
View Related
Feb 21, 2011
I've set up ssh passwordless logins using keygen etc.before so I know the routine.
The problem I'm currently having is setting passwordless logins when I don't have write permission to my "root" of the remote machine. More specifically the slice provided by a commercial web hosting provider. I can ssh and sftp just fine keying in the password manually but since I'm unable to create a .ssh directory in my "root" I'm unsuccessful in scripting logins. What I'm wondering is if the .ssh directory and associated security files can be placed in an alternate location such as the httpdocs directory and pass that location to ssh in a command line parameter.
View 8 Replies
View Related
May 4, 2010
I'm setting up a server with Jaunty Jackalope version. I'm trying to test setting up a basic iptables rules... No matter which command I put in, it is failing on the first command when I run iptables-restore < file location (the first rule always fails). I'm doing this on the root user and first typing in the iptables rules in a test file. I've tried the first command starting with % sudo, iptables and -A. All have the same result. I've also tried letting the HTTP rule be first with the same result.
[Code]...
View 2 Replies
View Related
Dec 23, 2009
My question is related to the log in screen in Fedora 11, Gnome desktop, installed on my laptop. I currently have an account with the name Octav. When my computer starts-up i have a window with <my name> and <other> showing to choose from. When i click on my name, i type my password and i'm logged in.
Now my question, can i have my log in window, without my name written there, so i have an extra security if i may say. What I want is for me to type my username and then password to log in. I don't want my name been written on the screen.
View 9 Replies
View Related
Mar 17, 2011
I have 2 servers, web server & mail server. they show 2 users in the summary area when I run w or top commands. But the actual list of users logged in (using either w or who) shows only 1 user.
ps -ef |grep username only shows my current login as a running sshd process.
So I can find no trace of this other user except in the summary line for w or top. I have no shells or other logins left running elsewhere or abruptly terminated, no gui sessions (these are servers), no tty logins. Do I have another user logged in? Has someone hacked me & covered up most of their trail? Why do these commands show 2 users when everything else points to 1 user?
View 9 Replies
View Related
May 5, 2011
when I nmap -sV domain I can see my chrooted apache2 banner how can I do not even show the banner even if is chrooted.
View 1 Replies
View Related
Apr 26, 2011
I'm working with a program that uses Open Motif to create all of the widgets, including the Open File dialog box (obviously). However, Open Motif being kinda old-timey, 80's vintage, and for the most part now an abandoned project, it is quite clunky. So, actually what I need to do is to open some files located on my work server. I have already successfully connected to the relevant server directories with Samba, and with programs built with GTK+ (such as GIMP) I can open files across the network because I have created a bookmark in Nautilus, and those bookmarks appear in the Open File dialog box created by GTK+. Now, Open Motif is different: it doesn't see network locations, orNautilus shortcuts. When I type "smb://serveripyadayada" in the search folder, it really doesn't like it and complains. So, what do I do? Can I get somehow Open Motif to open a network location? Or can I do a run-around and place a shortcut in the file system that points to the network location?
View 2 Replies
View Related
Oct 30, 2010
I have been testing ubuntu 10.10 maverick, it has some nice features. Anyway I am missing the possibility of writing manually the folder you want to go on nautilus using the Location bar. It was used to have some kind of icon which you can click and it switched between graphich breadcrumbs or the location of the folder and you could changed it manually, you know what I mean?
View 2 Replies
View Related
Apr 22, 2010
I have my router configured so that it drops outgoing telnet connections (and other protocols I don't use). It's a 2wire gateway. 192.168.1.65 is the internal IP of my ubuntu box.I'm trying to figure out what normal network traffic looks like and whether I should be worried by this log entry. At the time this happened I was testing out TOR (just navigating to a few sites (dell, ubuntu forums, etc.) nothing all that interesting.)
View 2 Replies
View Related
Jul 14, 2011
I have a machine called ic that I can ssh to. There is another machine, fw, that is on a completely different VLAN, and I cannot talk to it. ic is on both my VLAN and the VLAN that fw uses, and so my usual procedure for sshing to fw is to ssh into ic and from there ssh into fw. If I wanted to script this action, however, how could I get it to work?
I tried ssh root@ic "ssh root@fw", but this results in the message Pseudo-terminal will not be allocated because stdin is not a terminal, and then I get three messages from fw, presumably because it has null input:
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
View 1 Replies
View Related
Feb 1, 2011
I currently have SSH set up on my network and facing outwards so that I can use my private key to authenticate and remotely administrate my server along with the ability to use SSH tunnels when needed to encrypt my traffic. However, I want to be able to give a friend access and use my server as a SSH tunnel, I do not want him to be able to execute any commands or write any files, just to create an SSH tunnel. Although it would not be too much of a large issue if he could write to his own home directory, I just want to ensure that he isn't able to browse around the whole file system and keep it as simple as possible.
View 9 Replies
View Related
Mar 7, 2011
I tend to not use webmin, but there's just some things I dont want to deal with via command line. I know that having Webmin require an SSH tunnel is possible, but i'm not sure how to approach it.
View 1 Replies
View Related
Feb 27, 2011
I am trying to setup a version of OzymanDNS but am not quite sure I am understanding part of the instructions found here.My domain/website is hosted with a web hosting company, using their name servers. I have added a sub domain [URL], using an A record to send any requests for [URL] to my home IP address, where I have a server running. Do I need to also add the code below to my server at home which has BIND installed or are the instructions expecting that I have full control of the main name server already?
Code:
tunnel.example.com. IN NS www.example.com.
www.example.com. IN A 123.123.123.123
View 2 Replies
View Related
Sep 11, 2010
A portscan reveals that port 39878 is 'open', service: 'unknown. I deny service for this port in Firestarter FW 'policy' Firestarter does not show any active connection. I am not running any apps, so how can I close this port?
View 9 Replies
View Related
Jun 6, 2011
I'm trying to open port 8080 on my application server. I've included it in my iptables; however I still cannot access through ssh nor putty and it doesn't show up when I netstat either.Here is my iptables-config:
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -s xxx.xx.x.0/24 -j ACCEPT
[code].....
View 7 Replies
View Related
Aug 4, 2010
I am on Linux on machine LOCAL (my notebook).I ssh into a company machine REMOTE which is behind a firewall and ONLY allows incoming ssh connections (port 22), no outbound connections whatsoever. I do have full root access on both, LOCAL and REMOTE, REMOTE is however a VPS and behind a hardware firewall.I now need network access on REMOTE (HTTP and other protocols) for downloading and building some software. I also need to access to NON HTTP protocols such as git.
I was hoping to set up a reverse SSH tunnel for using my LOCAL machine, where I could be running a socks server. So that network access on REMOTE would be redirected over the SSH tunnel to a socks server running on machine LOCAL.How would I go about setting something like this up?
View 2 Replies
View Related
Feb 28, 2011
There is an udp video stream accessible only on the local network, but I need to access it outside of the network. I have Linux machine (multiple actually) with root access.There is a small utility that makes the stream accessible on the local machine on port 1234.
./ping -h streamserver -p 1234
If I run it I can access the stream using vlc or mplayer.
mplayer udp://@:1234
vlc udp://@:1234
Now, I'm trying to create a port foward from my remote machine and access the port, but it is failing.
ssh me@machine -L 1234:127.0.0.1:1234
View 1 Replies
View Related
Feb 2, 2011
I want to be able to SSH into my computer that I can't expose port 22 on. I've tried the ssh -R ... several times, but can't manage to make it work.I have my home computer (want to SSH into), server (can SSH into), and some computer I want to SSH from.Do I need to install the sshd on the machine I want to SSH into? What are the commands I need to enter to forward from my server to my home computer?
View 1 Replies
View Related
Mar 14, 2011
I am trying to tunnel through my college's free AP so I can get access to protocols outside of http and https. The school has an in-browser DNS redirect until you log in.The output of "cat /proc/version" on the server OS is "Linux version 2.6.35-27-generic (buildd@palmer) (gcc version 4.4.5 (Ubuntu/Linar o 4.4.4-14ubuntu5) ) #48-Ubuntu SMP Tue Feb 22 20:25:29 UTC 2011" The client OS is Windows 7. What I have done so far is use Proxy Cap to redirect applications to a Putty tunnel connected to the server. Eventually I want to tunnel that SSH connection through my school's firewall, so that I can keep encryption and have a reasonable amount of ease with setup.
I am not particularly educated on the inner workings of the DNS redirecting so I was not sure what to search for. My attempts to connect Firefox over normal http proxies failed and since all ports are blocked besides http and https I didn't attempt any socks or SSH. I have also tried simply hosting the SSH server on http ports with little success. I hope that I can do this without having to purchase a domain, but that's starting to seem like that won't be the case.
View 8 Replies
View Related
Feb 24, 2010
I have been ssh tunneling, which works great.I can browse the internet by simply tunneling my traffic through my SSH server.the following command: ssh -ND 9999 username at myserver.i cant postlinks.is all I have type, and I can connect to a SOCKS proxy server on localhost:9999.My problem is that I have an application that only supports HTTP proxies.Is there any way I can get it tunneling over the socks proxy?
View 4 Replies
View Related
Jan 29, 2010
I'm having trouble ssh tunneling through two servers to get to my database. Server3 is restricted to all except from server2 and I'm at server1. So on server2 i do ssh -L1434:server2:1435 -l user server2 - this works i'm able to connect to the db on server3 from server2. But on server3 i'm trying to ssh -L1433:server2:1434 -l user server2
- and I get 'connection refused'. I tried telnet server2 1434 from server3 and i get 'connnection refused'. I checked the firewall is open on server 2 - firestarter confirms that port 1434 is open to everyone. I'm not sure what I'm doing wrong, but I have a hunch that maybe firestarter on server2 is not working correctly, because it also shows that port 22 is open to everyone and I can telnet server2 22 and I'm able to connect.
View 2 Replies
View Related
