Tunneling – Page 2 – WindowsTechs.com

How outgoing tunnels are not stopped by AV or firewalls?

Posted on May 29, 2023 by Akam

How can an attacker with initial access to a server behind a firewall, which only has SSH, HTTPS, and HTTP ports open, maintain remote access to the server even after the SSH port is closed by the user on the firewall?

I have searched these questions and answers but none of them directly answering the question:

I knew its by implementing any kind of reverse shell, creating a tunnel that sending outbound connection to attacker server:
Why a tunnel – reverse shell not detected by Firewall or such Antivirus on the OS? until this point, I worked on many computers and tested if a tunnel works or not, none of them blocked me even with enterprise firewall and client security software.

Continue reading How outgoing tunnels are not stopped by AV or firewalls?→

Security of SSH with Service like ngrok

Posted on May 28, 2023 by mpr

I need some help understanding the security implications of using a service like ngrok to setup an ssh connection.
I’ve got two computers without public IP addresses (both using mobile internet connections) so I can’t ssh directly from com… Continue reading Security of SSH with Service like ngrok→

Does the traffic tunnelled using Stunnel on port 443:TCP appear the same as normal HTTPS to DPI?

Posted on May 15, 2023 by wiki

I wrapped my Socks5 traffic in TLS using Stunnel and the Stunnel server is listening on the port 443:tcp.
I can connect successfully to Stunnel server and exchange Socks5 traffic.
From the perspective of DPI (Deep packet inspection), is th… Continue reading Does the traffic tunnelled using Stunnel on port 443:TCP appear the same as normal HTTPS to DPI?→

Public IP address does not change when tunneling wire guard over socat?

Posted on May 5, 2023 by Weed Cookie

My ISP seems to be blocking the wire guard protocol since it does not work in my home network but works fine in other places, I am using wire guard since it is easy to setup
the network i have has two machines (wg-server, client)
on the se… Continue reading Public IP address does not change when tunneling wire guard over socat?→

Can I at the same time use Personal VPN on home router/mobile hotspot and company VPN on employers laptop?

Posted on April 17, 2023 by Libertarian

I need to travel aborad for few weeks. My company needs my laptop IP from strictely perticular country. I can do that with VPN on router or on my mobile hotspot.
Also for many a times I need to use company VPN for some of my work. I was th… Continue reading Can I at the same time use Personal VPN on home router/mobile hotspot and company VPN on employers laptop?→

Security Implications of Allowing TCP Forwarding to Use vscode-server

Posted on April 11, 2023 by basse

While setting up a new VPS instance running Ubuntu, I found that I needed to set AllowTcpForwarding yes in /etc/ssh/sshd_config to achieve a remote VS Code connection. I am and will be the sole user who can log in on that instance, root lo… Continue reading Security Implications of Allowing TCP Forwarding to Use vscode-server→

ssh tunnel: listening on the ssh server [migrated]

Posted on March 15, 2023 by Bob5421

Here is what I am trying to do:
ssh me@server1 4000:server2:4000

With this command, I can connect to server2:4000 by connecting to localhost:4000
What I want to do is to connect on server1:4000
Is there a way to do that ?
Thanks

Continue reading ssh tunnel: listening on the ssh server [migrated]→

SSH over HTTPS or Directly open Non Standard port

Posted on December 16, 2022 by Osada Lakmal

We have a situation where we have an architecture that calls for a Web based UI for querying some data and the data input is through rsync over SSH. I think it would be easier to manage and more secure if we just tunnel SSH through HTTPS s… Continue reading SSH over HTTPS or Directly open Non Standard port→

What is the better tunnel endpoint?

Posted on December 4, 2022 by Watchdogs1499

I’m trying to understand the consequences or implications of setting up tunneling endpoints for the below topology. The tunneling may be used for anything (encryption, VPNs, etc.) assuming the general case.
Assuming our client is at NODE 4… Continue reading What is the better tunnel endpoint?→

If a computer gets infected with malware, can the host firewall block the malware from communicating back to its controller on the internet?

Posted on October 5, 2022 by ninjarubberband

I’m trying to figure out how secure a host firewall is, hence the question in the title.
I read that many firewalls allow outbound connections to port 80 to allow browsing, would that be enough for the malware to communicate to the control… Continue reading If a computer gets infected with malware, can the host firewall block the malware from communicating back to its controller on the internet?→