Anybody got an ssh shell account (on a server) they could put waste behind? Do it like this, set up the ssh server on a machine with port 1337 closed, thenMessage 1 of 2 , Jul 15, 2008View Source
Anybody got an ssh shell account (on a server) they could put waste
Do it like this, set up the ssh server on a machine with port 1337
closed, then create an account to tunnel in on the ssh port.
If you run a waste client on the ssh server that is set to do network
routing (by default waste is set to do this, in Prefs/Network the
option 'Route Traffic' is enabled by default), then any incoming ssh
connections that have port 1337 forwarded to the ssh server will be
connected & routed by the waste client running on the server.
The trick on the system connecting to the ssh/waste server is to
close waste before connecting to the remote ssh/waste server, &
establish the ssh connection first (in Putty this requires forwarding
port 1337 to the internal IP address on the remote server). Once the
ssh connection is established, start the waste client locally &
connect it to remote address 127.0.0.1 (more about the process here: http://pigtail.net/LRP/printsrv/tunnel-how.html)
As long as the remote ssh/waste server has the key for the connecting
client in advance (& versa-vice), the connecting client will then
tunnel in to the remote server through the Putty ssh tunnel.
The advantage to doing it this way is the ssh tunnel is encrypted, as
is the waste traffic. However to systems that do port scanning or
packet traffic captures, they now have two layers of encryption to
crack, & the only port they will see open on the server side is port
22 (the ssh port). This is good because they then have no idea that
there is a waste connection tunneling in through the ssh connection.
The encrypted ssh tunnel shields the waste connection going through
it as well as the port that waste is connecting in by.
I have done this setup a few times myself on my servers. I don't
recommend using port 22 because it requires leaving the port open on
a firewall/router & port 22 is a notorious hacker magnet port. The
few times I ran 22 open I got hundreds of connection attempts
incoming to port 22 (as in, hundreds.. per.. day..!)
If you are going to try this, I would recommend doing a port
reassignment for port 22; move the service port to something else,
some unused port number (we use high port numbers like 22222). This
prevents bonehead hack attempts by scanners trying to connect after
scanning open ports on an IP address & finding an open ssh port.
Anyway, I don't have any servers here anymore that I can open
directly to the Internet to allow ssh accounts (we're using VPNs here
& only allowing company traffic on this network). But this does work,
I have set it up & run it from servers with direct connections to the
Internet, or from collocation servers, proxy servers, shell servers,
I wish the nullnet guys would do this, grr.
Somebody please do this, I want to try it by routing a connection in this way
to the nullnet ;-)
have fun :-D
This is a snapshot of waste connecting on the LAN here to 4 machines on three networks. One of these networks is being accessed by an ssh tunnel on anotherMessage 1 of 2 , Aug 1, 2008View Source
This is a snapshot of waste connecting on the LAN here to 4 machines on three networks. One of these networks is being accessed by an ssh tunnel on another machine through an Internet connection by using IP address 127.0.0.1 (aka 'loopback') on the local waste client: http://img231.imageshack.us/my.php?image=sshlanwastema4.png
The 127.0.0.1 connection waste was making was through a Putty connection to another machine running an ssh server. That machine was running a waste client on it, that was connected to another waste client on its LAN on another machine on that LAN.
The 10.x & 172.x IP addresses waste was connecting to here are LAN IP addresses of machines here that were running waste & connecting via LAN connection.
The waste connection to the ssh machine over the Internet went through the ssh encrypted tunnel, was made to port 22222 on the remote ssh machine.
Waste port 1337 was closed on both my Internet gateway machine & the remote ssh server machine. So scans of both the Internet gateway machines making the waste-ssh tunnel connection would have shown no waste ports in use at all, much less making an Internet connection through the ssh tunnel connection.
See that's what I'm talking about :-)
I snapped this shot after I posted the previous post, meant to add it later, kept forgetting, too busy, etc. Finally got some free time to remember to post it. Have fun.
Click here to find the rental car that fits your needs.