Comments for - [ t o i c . o r g ] - http://toic.org Think shell Fri, 23 Jul 2010 17:58:13 +0000 hourly 1 http://wordpress.org/?v=3.0 Comment on Bypassing corporate firewall with reverse ssh port forwarding by thehidden http://toic.org/2009/01/18/reverse-ssh-port-forwarding/comment-page-1/#comment-629 thehidden Fri, 23 Jul 2010 17:58:13 +0000 http://toic.org/?p=207#comment-629 thank you for the good howto. i tried your idea with the reverse tunnel and every think works find. except of create an additional dynamic tunnel als socks proxy. can you explain please, how to do that? the tunnel is up, but no http traffic flows through. :-( kind regards thehidden thank you for the good howto. i tried your idea with the reverse tunnel and every think works find. except of create an additional dynamic tunnel als socks proxy. can you explain please, how to do that? the tunnel is up, but no http traffic flows through. :-(

kind regards
thehidden

]]> Comment on Bypassing corporate firewall with reverse ssh port forwarding by Branko http://toic.org/2009/01/18/reverse-ssh-port-forwarding/comment-page-1/#comment-623 Branko Tue, 25 May 2010 10:59:46 +0000 http://toic.org/?p=207#comment-623 You should set "GatewayPorts clientspecified" in /etc/ssh/sshd_config not in /etc/ssh/ssh_config /etc/ssh/ssh_config is config for ssh client and /etc/ssh/sshd_config is config for ssh server running on that machine. You should set “GatewayPorts clientspecified” in /etc/ssh/sshd_config not in /etc/ssh/ssh_config

/etc/ssh/ssh_config is config for ssh client and /etc/ssh/sshd_config is config for ssh server running on that machine.

]]> Comment on Bypassing corporate firewall with reverse ssh port forwarding by Connectiong two seperate LANs with reverse SSH | Bijan Hoomand http://toic.org/2009/01/18/reverse-ssh-port-forwarding/comment-page-1/#comment-622 Connectiong two seperate LANs with reverse SSH | Bijan Hoomand Mon, 24 May 2010 18:40:48 +0000 http://toic.org/?p=207#comment-622 [...] toic, reverse ssh port forwarding [...] [...] toic, reverse ssh port forwarding [...]

]]> Comment on Bypassing corporate firewall with reverse ssh port forwarding by bijan http://toic.org/2009/01/18/reverse-ssh-port-forwarding/comment-page-1/#comment-621 bijan Sat, 22 May 2010 07:59:37 +0000 http://toic.org/?p=207#comment-621 Branko, this is a great post, thank you. However I have the same issue as Justin. Let's say I have a server (the middle man) with an IP address of 174.2.2.2, from my office box, I run: ssh -R 178.2.2.2:1200:localhost:22 bijan@178.2.2.2 It connects with no problem. I also put "GatewayPorts clientspecified" in /etc/ssh/ssh_config. When I issue "netstat -an | grep LISTEN", I see it's listening on port 1200 for 127.0.0.1 The problem as Justin mentioned is that when I issue: ssh -p 1200 officeUser@178.2.2.2 I get the following error: "ssh: connect to host 178.2.2.2 port 1200: Connection refused". However if I ssh into 178.2.2.2 (to port 22 with a user on it) and then issue: ssh -p 1200 officeUser@localhost It's no problem, I login like a charm! I should say I disabled iptables, so, is it really a filtering problem or something wrong with me? Branko, this is a great post, thank you. However I have the same issue as Justin. Let’s say I have a server (the middle man) with an IP address of 174.2.2.2, from my office box, I run:

ssh -R 178.2.2.2:1200:localhost:22 bijan@178.2.2.2

It connects with no problem. I also put “GatewayPorts clientspecified” in /etc/ssh/ssh_config. When I issue “netstat -an | grep LISTEN”, I see it’s listening on port 1200 for 127.0.0.1

The problem as Justin mentioned is that when I issue:

ssh -p 1200 officeUser@178.2.2.2

I get the following error: “ssh: connect to host 178.2.2.2 port 1200: Connection refused”. However if I ssh into 178.2.2.2 (to port 22 with a user on it) and then issue:

ssh -p 1200 officeUser@localhost

It’s no problem, I login like a charm! I should say I disabled iptables, so, is it really a filtering problem or something wrong with me?

]]> Comment on Secure synergy setup by SSH port forwarding | - [ t o i c . o r g ] - http://toic.org/2009/02/01/secure-synergy-setup/comment-page-1/#comment-615 SSH port forwarding | - [ t o i c . o r g ] - Fri, 07 May 2010 10:47:50 +0000 http://toic.org/?p=241#comment-615 [...] like in one of the previous posts (secure synergy setup) we will use this tunnel to secure our traffic from eavesdropping. Ftp actually has sftp (ftp over [...] [...] like in one of the previous posts (secure synergy setup) we will use this tunnel to secure our traffic from eavesdropping. Ftp actually has sftp (ftp over [...]

]]> Comment on Preventing ip conflicts in xen by xdaan http://toic.org/2008/09/22/preventing-ip-conflicts-in-xen/comment-page-1/#comment-612 xdaan Sun, 11 Apr 2010 23:15:46 +0000 http://toic.org/?p=3#comment-612 Hi, I've tried this solution, but unfortunately it seems to me that it doesn't give the expected results. Problem with IP spoofing is still there. So if you really want to prevent stealing IP adressess inside of XEN domU, here is my tested an 120% working solution - http://xdaan.envirobyte.sk/rand.php?x=xen-ip-conflict Hi,

I’ve tried this solution, but unfortunately it seems to me that it doesn’t give the expected results. Problem with IP spoofing is still there.

So if you really want to prevent stealing IP adressess inside of XEN domU, here is my tested an 120% working solution – http://xdaan.envirobyte.sk/rand.php?x=xen-ip-conflict

]]> Comment on Firewalling xen bridge by entplex http://toic.org/2009/04/19/firewalling-xen-bridge/comment-page-1/#comment-611 entplex Sun, 28 Mar 2010 14:46:19 +0000 http://toic.org/?p=179#comment-611 I don't believe this configuration works with kernel 2.6.20+ Has anyone found any viable work-a-rounds? I don’t believe this configuration works with kernel 2.6.20+ Has anyone found any viable work-a-rounds?

]]> Comment on Bypassing corporate firewall with reverse ssh port forwarding by Links 15/3/2010: CrossOver Linux, Tim Bray Joins Google | Boycott Novell http://toic.org/2009/01/18/reverse-ssh-port-forwarding/comment-page-1/#comment-609 Links 15/3/2010: CrossOver Linux, Tim Bray Joins Google | Boycott Novell Mon, 15 Mar 2010 20:03:56 +0000 http://toic.org/?p=207#comment-609 [...] Bypassing corporate firewall with reverse ssh port forwarding [...] [...] Bypassing corporate firewall with reverse ssh port forwarding [...]

]]> Comment on Bypassing corporate firewall with reverse ssh port forwarding by Christian Rishøj http://toic.org/2009/01/18/reverse-ssh-port-forwarding/comment-page-1/#comment-597 Christian Rishøj Fri, 05 Mar 2010 17:33:35 +0000 http://toic.org/?p=207#comment-597 Excellent post! Thorough, explanatory and extremely useful. You saved the day! Excellent post! Thorough, explanatory and extremely useful. You saved the day!

]]> Comment on SSH basics by SSH port forwarding | - [ t o i c . o r g ] - http://toic.org/2008/11/17/ssh-basics/comment-page-1/#comment-589 SSH port forwarding | - [ t o i c . o r g ] - Tue, 16 Feb 2010 13:45:01 +0000 http://toic.org/?p=100#comment-589 [...] can also speed things up by using ssh-keys and [...] [...] can also speed things up by using ssh-keys and [...]

]]>