SSH Over Secure tied down network?
Hey Guys.
What i am trying to do is find a way to connect to a computer on this network that seems to block everything! for example i am trying ssh and all it does is timeout. It seems to be impossible to do anything other than PING on this network. Does anyone have any ideas how/if i could find a route through the network to my PC?
Maybe i could set my SSH pc to run on port 80? How is this done if it is possible?
This might not make sense if it doesnt please tell me what more info you need. Thank you all.
Relentless.
you can usually tunnel around firewalls by running the SSH daemon on port 443 it works 9 times out of 10.
The traffic on port 443 is usually SSL encrypted so its not usually monitored or encrypted data is not shaped.
Usually i get an SSH tunnel out to my remote box and then tunnel everything down the SSH, i even do this on normal networks that are not locked down as i'm paranoid that someone could be sniffing the connection <puts tin foil hat on>
first off id say run linux but thats just me lol
if your wanting to use the remote box for getting around firewalls you can do more with a linux box easier including DNS tunneling for getting free wifi from hotspots!
anyway on to the SSH
go to c:/program files/openssh/etc/ and open the sshd_config file.
it will be in a linux format so you might want to use crimson editor to make it look pretty.
look for the line "Port 22" and change that to "Port 443"
save and close the file
go to start>run and type services.msc
look for the openssh service and restart it
that should work, im gonna boot up my old laptop and test it out
EDIT you need to uncomment the port line so remove the #
I have done that and connected with Putty like localhost port 443 to test to see if it works and it does! thank you.
But when i try to connect to it on another computer on the network the connection just times out as usuall. I am going to try port 80 and see what happens this that.
Thanks again…
Relentless.
try running it on a high port too 65534 sometimes that works.
if you can browse to HTTPS websites then port 443 is allowed the fact that you can't SSH out sounds to be like theyre doing some sort of packet shaping. as a last ditch attempt you could try to tunnel over HTTP/HTTPS i've never done it myself but i know it can be done but your prob gonna need a linux box.
If you dont mind me asking what is the environment your in?
im gonna guess university halls ;)
Good guess! The network is insane. I never realized i cant even ping! That kind of means i can't do anything :(
The way i remote login is using logmein.com so would there be a way i could get hold of one of those free shells and then tunnel through the free shells to my shell in my Room?
THanks alot man!
Relentless.
are you accessing from the same subnet/network or from another network?
I cant say i've used that service i would still aim for the ssh as you can do a lot more with it. maybe take a look at this site http://dag.wieers.com/howto/ssh-http-tunneling/
if your only needing local access get a cheap wireless router or stick a wired network card in each computer and run a patch cable between the 2 machines.
As a final test you could install WAMP on the computer and it will run a web server and you should 100% be able to access that.
It sounds like the sys admin at your uni have it pretty much dialled down its not a good sign when even ICMP is blocked.
Might sound stupid but is all the firewalls and windows firewalls turned off?
If your on the same network then there shouldn't be any filtering if they have you running though a bog standard switch. Its usually incoming and outgoing traffic you filter not internal or maybe they want to stop students sharing media or something.
Well i have wamp didnt know i could remote connect to that :D will try that also.
about local access what i want to be able to do is be able to get access to a shell on the box anywhere on the Uni network so i can run a cable but not when im at the main campus :D
Going to double check the firewalls and other stuff etc. Will be very imbarissing if it was because of then because i have not actuall checked xD me@idiot.com. Lets see…
Thanks
Relentless
just try browsing to the web server on wamp so http://www.<ip>:80 you should be able to see the website thats configured in the WAMP dir.
double check the IP addresses too ;)
im gonna get to bed before my missus hits me! let me know how it goes!
This describes how i feel now! omg. Turned off the firewall. You have no idea how stupid i am lol why i didnt check i do not know.
But anyway i have learnt alot! so im glad :D
Thanks alot! Now i have the shell working any good tutorials anywhere so i can see what i can do with it?
Thanks alot man!
Relentless
lmao! no network admin block that much! lol
the thing is you able to connect to that IP from within that subnet but when you go to your main uni your not going to be able to get a connection to the computer. To do that you'll need to get someone i.e. sys admin to forward a port from the gateway device to your computer.
in the mean time play around with SSH tunnels (tho you dont really need them locally)
basically tunnels work, well like tunnels imagine the entrance is your computer and the remote server is the exit, anything within that tunnel is encrypted.
say in the server your running a proxy so TCP port 3128 and your sitting in an internet cafe that filters out hell bound hackers.
what you can do is configure the tunnel so that local traffic on port 3128 goes to the remote computer 3128 and connects to the proxy. Set firefox to use a proxy localhost:3128 and what happens is your request for HBH goes down the SSH tunnel to the server from the server to the internet, back to the server, down the tunnel and back to you.
heres a pretty picture someone made:
http://www.sans.edu/resources/images/firewall3.gif
but unless you can get that port forwarded your pretty much sunk.
make sure that SSH install is secure too incase someone trys to PWN you locally!
nino
not that i can think of off hand.
is the SSH server still running on 443?
a good test of routing is to run WAMP on the server and just try and view the website on the server, if you can do that then the routing is fine and you wont need to forward and some sort of filtering is at play. If you cant view the site then the routing is maybe off.
try connecting using telnet. ie
telnet <ipaddresS> 443
should bring back your banner on the SSH server saying the vendor and version
telnet <ipaddress> 80 GET / HTTP/1.0 <enter button> <enter button>
should get the index of the web server
try the webserver first tho
Hey :D
Ok last night i set up the following on the Box.
WAMP Port: 80 ssh Port: 666 FTP Server: 443
They all worked and i could access everything from my other pc on the same subnet.
Here on the 10.1.0.0 subnet i cannot access anything! xD
I have been trying to get any info of the remote box for example:
betstat -a <ip address or remote box> nbstat -a <ip address or remote box>
But nothing!
All i can do is ping it with 100% success.
Thanks again man!
Relentless.
i think its cus you on the different subnet the routing is being a whore (technical term ;) )
I have two subnets at home a 192.168.11.1 and a 192.168.1.1 when im on the 192.168.11.1 i can access my server on 192.168.1.50 but i think the router deals with that i imagine they have the hardware set up to stop traffic between computers.
To make sure your pinging the right thing, on the server turn off anything that will generate any network traffic and run wireshark. On your computer ping the server and watch wireshark on the server to see if the ping requests are coming in. If they are then the routings fine but your being filtered, if theres no request then they're segregating the network subnets
nino
Aye i am pretty sure they are using the hardware and like you said before i need to get the to foward my remote box through the firewalls so it is accessable on each subnet. I even work at the university as a Techy and i dont see that happening i mean you can't even plug your laptop in to the power with a check and recipt! lol
Thanks a lot man. I will talk to a few people and see what i can find out. This is annoying xD.
When i am the networking LABS i will also have a play around in there i have no restictions so will be easyier.
Thanks again.
Relentless.
Well tbh it is xD a personal one xD :D i want to get access so me an my mates can play rootthisbox on my box. Now seems as we are doing Networking they might be quite pleased with that.
Just had a thought i am sure i saw one of my mates (who lives in the same halls (same subnet) as me) use windows remote desktop to login to his PC back in halls from our network labs. So i have a feeling that i will be able to do more from that place xD will try it tomoz thats when i start back at uni.
Peace man.
Relentless.