Posts Tagged ‘Security’

Reverse SSH Tunnelling

May 13, 2008 3 comments

It is possible to create a “reverse” SSH Tunnel. The reverse tunnel will allow you to create an SSH Tunnel from your work computer to your home computer, for example, and then login to your work machine from your home machine even if your work firewall does not permit ssh traffic initiated from your home machine!

For this to work, an SSH Server must be installed on your work and home computer, and ssh (TCP port 22) must be allowed outbound from your work computer to your home computer.

Syntax: ssh -R remote_port:localhost:22 your_home_computer

At home, you would then run ssh -p remote_port localhost (for example, ssh -p 2048 localhost if you chose 2048 as the remote port) to log into your work computer via ssh.

Here is a script that you can run through the cron facility on your work system to make sure the reverse SSH Tunnel to your home system is up and running. It is useful in case the system is rebooted.

#!/bin/sh

# $REMOTE_HOST is the name of the remote system
REMOTE_HOST=remote.system.ip

# $REMOTE_PORT is the remote port number that will be used to tunnel
# back to this system
REMOTE_PORT=5000

# $COMMAND is the command used to create the reverse ssh tunnel.
# -f sends ssh to the background once it has connected, so the script
# can continue to the second test instead of blocking here.
COMMAND="ssh -f -q -N -R $REMOTE_PORT:localhost:22 $REMOTE_HOST"

# Is the tunnel up? Perform two tests:

# 1. Check for relevant process ($COMMAND)
pgrep -f -x "$COMMAND" > /dev/null 2>&1 || $COMMAND

# 2. Test tunnel by looking at "netstat" output on $REMOTE_HOST
ssh "$REMOTE_HOST" netstat -an | grep -E "tcp.*:$REMOTE_PORT.*LISTEN" \
    > /dev/null 2>&1
if [ $? -ne 0 ] ; then
    # No listener on the remote side: kill any stale client and reconnect
    pkill -f -x "$COMMAND"
    $COMMAND
fi

SSH Tunnelling

May 13, 2008 Leave a comment

SSH Tunnelling is an excellent way to tunnel insecure protocols through a secure communication channel. In this example, I’ll tunnel POP3 traffic using SSH. Traditional POP3 traffic, including username and password information, travels clear-text across the network.

The syntax: ssh -f -N -L <local port>:<remote server>:<remote port> <userid>@<remote server>

To tunnel POP3 traffic using ssh:

  1. Make sure an ssh client is installed on your machine and an ssh server is installed on the POP3 server.
  2. Create a local SSH Tunnel on your machine (port 1234 for this example) to the POP3 server’s port 110. You will need to be the root user to bind to “privileged” ports (< 1024).
    # ssh -f -N -L 1234:localhost:110 user@POP3_server
  3. Test the tunnel.
    $ telnet localhost 1234
    You should see the POP3 server’s banner information.
  4. Configure your mail client to access your mail via POP3 using mail server localhost and port 1234.

SSH: Convert OpenSSH to SSH2 and vice versa

December 14, 2007 31 comments

Connecting two servers running different types of SSH can be a nightmare if you do not know how to convert the key. In this tutorial, I will explain how to convert a public key from OpenSSH to SSH2 and from SSH2 to OpenSSH. The conversion must be done on the OpenSSH server.

Convert OpenSSH key to SSH2 key

  • Run the OpenSSH version of ssh-keygen on your OpenSSH public key to convert it into the format needed by SSH2 on the remote machine. This must be done on the system running OpenSSH.
    # ssh-keygen -e -f ~/.ssh/id_dsa.pub > ~/.ssh/id_dsa_ssh2.pub

Convert SSH2 key to OpenSSH key

  • Run the OpenSSH version of ssh-keygen on your ssh2 public key to convert it into the format needed by OpenSSH. This needs to be done on the system running OpenSSH.
    # ssh-keygen -i -f ~/.ssh/id_dsa_1024_a.pub > ~/.ssh/id_dsa_1024_a_openssh.pub
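
The two public key formats carry the same base64 blob and differ only in framing, which the following added example (not part of the original post, and not a replacement for ssh-keygen) shows by converting in both directions. It assumes awk, base64, od and dd are available; the function names and the sample key, which is filler rather than real key material, are constructed for illustration.

```shell
#!/bin/sh
# Added example: OpenSSH one-line public key <-> SSH2 (RFC 4716) framing.
# Public keys only; assumes the comment fits on one 72-byte header line.

openssh_to_ssh2() {   # stdin: "keytype base64blob [comment]"
    awk '{
        blob = $2; comment = ""
        for (i = 3; i <= NF; i++) comment = comment (i > 3 ? " " : "") $i
        print "---- BEGIN SSH2 PUBLIC KEY ----"
        if (comment != "") print "Comment: \"" comment "\""
        # RFC 4716 limits lines to 72 bytes; wrap the blob at 70 characters.
        while (length(blob) > 70) { print substr(blob, 1, 70); blob = substr(blob, 71) }
        if (blob != "") print blob
        print "---- END SSH2 PUBLIC KEY ----"
    }'
}

ssh2_to_openssh() {   # stdin: RFC 4716 block; stdout: "keytype base64blob"
    blob=$(awk '
        /^---- BEGIN SSH2 PUBLIC KEY ----/ { inkey = 1; next }
        /^---- END SSH2 PUBLIC KEY ----/   { inkey = 0 }
        !inkey { next }
        cont || /:/ { cont = ($0 ~ /\\$/); next }  # header or its continuation
        { printf "%s", $0 }')
    [ -n "$blob" ] || return 1
    # The decoded blob starts with a 4-byte big-endian length, then the key type.
    len=$(printf '%s' "$blob" | base64 -d | od -An -tu1 -N4 |
          awk '{ print $1 * 16777216 + $2 * 65536 + $3 * 256 + $4 }')
    [ "${len:-0}" -gt 0 ] && [ "$len" -le 64 ] || return 1
    keytype=$(printf '%s' "$blob" | base64 -d | dd bs=1 skip=4 count="$len" 2>/dev/null)
    printf '%s %s\n' "$keytype" "$blob"
}

# Constructed sample (not a usable key): a valid "ssh-rsa" type field + filler.
sample_openssh_key() {
    blob=$({ printf '\000\000\000\007ssh-rsa'
             printf 'filler-not-key-material-%080d' 0; } | base64 | tr -d '\n')
    printf 'ssh-rsa %s user@ooga\n' "$blob"
}

sample_openssh_key | openssh_to_ssh2
sample_openssh_key | openssh_to_ssh2 | ssh2_to_openssh
```

The key type in the OpenSSH line is not stored in the SSH2 headers; it is recovered from the first length-prefixed string inside the blob.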

Read more…

USB Devices Can Crack Windows

November 16, 2007 Leave a comment

Vulnerabilities in USB drivers for Windows could allow an attacker to take control of locked workstations using a specially programmed Universal Serial Bus device, according to an executive from SPI Dynamics, which discovered the security hole.

The buffer-overflow vulnerabilities could enable an attacker to circumvent Windows security and gain administrative access to a user’s machine.

[ Source: eWeek.com ]

SSH/SSH2 Password-less Authentication

October 17, 2007 11 comments

A great little guide to setting up two accounts so that you don’t have to type in your password when sshing between them. btw, OS X uses OpenSSH. I don’t know what it is for other platforms.

Basic Idea

No-password authentication works because of public key crypto. Let’s say you have a local machine Ooga and a remote machine Booga. You want to be able to ssh from Ooga to Booga without having to enter your password. First you generate a public/private RSA key pair on Ooga. Then you send your public key to Booga, so that Booga knows that Ooga’s key belongs to a list of authorized keys. Then when you try to ssh from Ooga to Booga, RSA authentication is performed automagically.

Here are detailed steps on how to do this.

NOTE: The following examples and scenarios assume you are creating only a single key, e.g. one RSA key or one DSA key. If it turns out that you’ve created both keys on your (client) system, then you will need to send both of them to the SSH/SSH2 server; otherwise, you may still be asked to enter a passphrase. Read more…

How to make SSH2 work with OpenSSH

October 17, 2007 6 comments

The commercial version of SSH2 uses a different key format than OpenSSH. This guide shows how to make them interoperate with each other using public key authentication. Read more…

Is Your Computer Connecting To Websites Without Your Knowledge

September 28, 2007 2 comments

If you are worried that some programs on your PC are secretly making connections to websites in the background, here’s a quick tip that uses a simple DOS command to detect and prevent such suspicious activity:

  1. Type cmd in your Windows Run box.
  2. Type “netstat -b 5 > activity.txt” and press enter. After say 2 minutes, press Ctrl+C.
  3. Type “activity.txt” on the command line to open the log file in notepad (or your default text editor).

The file activity.txt will have a log of all processes that made a connection to the Internet in the last two minutes. It will also show which process connected to which website in this time. And not just the web browsers (like iexplore.exe or opera.exe), the log will also show your IM clients, download managers, email programs or any software that requires a net connection.

Scroll through the activity.txt file and look for any process names or website addresses that you are not aware of. If you track one down, go to the task manager (or Process Explorer) to find the location of the executable on your computer and eliminate it.

Note: If you’re using Vista, use -a instead of -b.
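
Because netstat -b 5 appends a full snapshot every five seconds, activity.txt repeats the same connections many times; the added example below (not part of the original tip) collapses the log into one line per process, remote endpoint and state, with the number of snapshots each was seen in. It assumes the file is reviewed with a POSIX shell and awk, and the English netstat -b layout where the owning executable appears in brackets after each connection row; the sample log, process names and addresses are constructed.

```shell
#!/bin/sh
# Added example: collapse the repeated snapshots in a "netstat -b 5" log into
# one line per (process, remote endpoint, state), with a snapshot count.

summarize_netstat_b() {   # stdin: activity.txt; stdout: "count process remote state"
    tr -d '\r' | awk '
        $1 == "TCP" || $1 == "UDP" {
            remote = $3; state = ($1 == "TCP" ? $4 : "-")
            # Keep outbound-looking rows only: skip listeners and loopback.
            pending = !(state == "LISTENING" || remote ~ /^(127\.|0\.0\.0\.0:|\*:|\[::)/)
            next
        }
        # The owning executable follows its connection row as "[name.exe]".
        pending && /^ *\[.*\] *$/ {
            gsub(/^ *\[|\] *$/, ""); seen[$0 " " remote " " state]++; pending = 0; next
        }
        pending && /Can not obtain ownership information/ {
            seen["(unknown) " remote " " state]++; pending = 0
        }
        END { for (k in seen) print seen[k], k }' | LC_ALL=C sort -k2
}

# Constructed sample of activity.txt: two 5-second snapshots.
sample_activity() {
    cat <<'EOF'

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED
 [iexplore.exe]
  TCP    192.168.1.10:49730     198.51.100.7:8080      ESTABLISHED
 [updater.exe]

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED
 [iexplore.exe]
  TCP    192.168.1.10:49731     198.51.100.7:8080      SYN_SENT
  Can not obtain ownership information
EOF
}

sample_activity | summarize_netstat_b
```

Rows reported as (unknown) are connections for which netstat could not name the owning process, which usually means the command prompt was not run with administrative rights.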

[ Source: Digital Inspiration ]