Advanced SSH Tunneling Taos Team fleet farm cc, walmart capital one cc
Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan
Credits: Taos Team
First, a review of simple TCP SSH tunnels:
Forwarding a local TCP port to a remote TCP port:
(using the -L option)
Forwarding a remote TCP port to a local TCP port:
(using the -R option)
A few quick notes on sshd_config directives:
Useful command-line options for the commands discussed above:
Tunneling non-TCP protocols with Layer-2 and Layer-3 VPN tunnels:
Establishing a layer-3 SSH VPN using “tun” devices:
On the local server, issue the following command:
(NOTE: You must be root on BOTH the local system and the remote system in order to create the “tun0” virtual network devices and connect them via SSH’s tunneling protocol.) On the local server:
On the remote server:
At this point, it should be possible to the local and remote servers to ICMP ping each other at their 192.168.1.x IP addresses. If the pings are successful, then it should also be possible to pass TCP and UDP traffic over the tunnel. To shut down the tunnel, find the process-ID (PID) of the ssh command on the local server and send it a SIGTERM kill signal.
Important tips:
Establishing a layer-2 SSH VPN using “tap” devices:
On both the local and remote servers, run the following command to create a “tap0” virtual network interface:
or
Next, configure the “tap0” interfaces on both ends: On the local host:
On the remote host:
Now start the SSH Layer-2 VPN tunnel by issuing the following command on the localhost:
Assuming all went well, the tunnel should be up, and it should be possible for the local and remote servers to ping each other on their 192.168.1.x IP addresses. Also, running the command “ethtool tap0” on both ends should show “Link detected: yes” in the output. TCP and UDP protocols should work over the tunnel (provided that there are no IPTables firewall rules blocking such traffic). Additionally, DHCP and network-bridging can also be done over the tunnel. (For details on how to do this, see the white paper on Advanced SSH Tunneling .)
Conclusion:
fleet farm cc walmart capital one cc