Trik tips Tutorial

Learn Linux tips and tricks, Hacking, Linux, PHP, Web, Hardware

WEBNESBAY on Jun - 14 - 2009

Many times I’ll be at a site where I need remote support from someone who is blocked on the outside by a company firewall. Few people realize that if you can get out to the world through a firewall, then it is relatively easy to open a hole so that the world can come in to you.

In its crudest form, this is called “poking a hole in the firewall.” I’ll call it an SSH back door. To use it, you’ll need a machine on the Internet that you can use as an intermediary.

In our example, we’ll call our machine blackbox.example.com. The machine behind the company firewall is called ginger. Finally, the machine that technical support is on will be called tech. Figure 4 explains how this is set up.

SSH Back Door


Here’s how to proceed:

  1. Check that what you’re doing is allowed, but make sure you ask the right people. Most people will cringe that you’re opening the firewall, but what they don’t understand is that it is completely encrypted. Furthermore, someone would need to hack your outside machine before getting into your company. Instead, you may belong to the school of “ask-for-forgiveness-instead-of-permission.” Either way, use your judgment and don’t blame me if this doesn’t go your way.
  2. SSH from ginger to blackbox.example.com with the -R flag. I’ll assume that you’re the root user on ginger and that tech will need the root user ID to help you with the system. With the -R flag, connections to port 2222 on blackbox are forwarded to port 22 on ginger. This is how you set up an SSH tunnel. Note that only SSH traffic can come into ginger: you’re not putting ginger out on the Internet naked. You can do this with the following syntax:

    ~# ssh -R 2222:localhost:22 thedude@blackbox.example.com

    Once you are into blackbox, you just need to stay logged in. I usually enter a command like:

    thedude@blackbox:~$ while [ 1 ]; do date; sleep 300; done

    to keep the machine busy, and then minimize the window.

  3. Now instruct your friends at tech to SSH as thedude into blackbox without using any special SSH flags. You’ll have to give them your password:

    root@tech:~# ssh thedude@blackbox.example.com

  4. Once tech is on the blackbox, they can SSH to ginger using the following command:

    thedude@blackbox:~$ ssh -p 2222 root@localhost

  5. Tech will then be prompted for a password. They should enter the root password of ginger.
  6. Now you and support from tech can work together and solve the problem. You may even want to use screen together! (See Trick 4.)
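
A tunnel like the one in step 2 looks like an ordinary outbound SSH session at the firewall, so the practical place to audit for it is the process list on hosts such as ginger. The following is an added example, not part of the original post: it parses `pid command` lines, follows getopt-style clusters such as `-NfR`, and reports each `-R` forward with its listen address and target. The sample lines, hostnames other than blackbox.example.com, and all function names are constructed for illustration.

```python
import shlex
# OpenSSH client options that take an argument (per the ssh(1) synopsis).
ARG_OPTS = set("BbcDEeFIiJLlmOoPpQRSWw")
# Constructed sample "pid command" lines; not output from a real host.
SAMPLE_PS = """\
812 /usr/sbin/sshd -D
1490 ssh -R 2222:localhost:22 thedude@blackbox.example.com
1533 ssh -NfR*:8022:10.0.0.5:22 -p 443 ops@relay.example.net
1720 ssh -L 8080:localhost:80 dev@web.example.com
"""

def remote_forwards(argv):
    """Return (destination, [-R specs]) for one ssh client argv."""
    specs, dest, i = [], None, 1
    while i < len(argv):
        tok, i = argv[i], i + 1
        if not tok.startswith("-") or tok == "-":
            if dest is not None:
                break  # a second bare word starts the remote command
            dest = tok
            continue
        for j, ch in enumerate(tok[1:], 1):  # walk a getopt cluster such as -NfR
            if ch in ARG_OPTS:
                arg = tok[j + 1:]
                if not arg and i < len(argv):
                    arg, i = argv[i], i + 1
                if ch == "R":
                    specs.append(arg)
                break
    return dest, specs

def describe(spec):
    """Split [bind_address:]port[:host:hostport]; no IPv6 brackets or Unix sockets.
    No bind address means loopback only; empty or "*" asks for every interface."""
    parts = spec.split(":")
    has_bind = len(parts) in (2, 4)
    bind, rest = (parts[0], parts[1:]) if has_bind else (None, parts)
    return {"bind": bind, "port": rest[0], "target": ":".join(rest[1:]) or "dynamic",
            "all_interfaces": bind in ("", "*", "0.0.0.0")}

def audit(ps_text):
    """List every remote forward requested by ssh clients in a process listing."""
    findings = []
    for line in ps_text.splitlines():
        pid, _, cmd = line.strip().partition(" ")
        argv = shlex.split(cmd)
        if argv and argv[0].rsplit("/", 1)[-1] == "ssh":
            dest, specs = remote_forwards(argv)
            findings += [dict(describe(s), pid=int(pid), dest=dest) for s in specs]
    return findings
```

Calling `audit(SAMPLE_PS)` returns two findings: the step 2 tunnel bound to loopback on blackbox, and a constructed one that asks its relay to listen on all interfaces, which the server honours only when its `GatewayPorts` option allows it.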
