[TriLUG] Stump the Chumps! ssh tunneling
Tarus Balog
tarus at sortova.com
Thu Jun 5 17:48:36 EDT 2003
Gang:
Okay, time for Stump the Chumps.
Disclaimer: the following scenario discusses trying to get around a
network access roadblock. This was done on a network I had full
permission to use (I was in a bank right next to the AS/400 with all
the money) so it in no way is requesting help for an illegal activity.
I was at a customer site installing Linux on what used to be Novell
server. The network manager was on vacation, so I was pretty much left
with a page of instructions and someone who could point out the machine
in a lineup.
I installed the O/S and then went to use apt-for-rpm from
freshrpms.net. Unfortunately, HTTP on port 80 was set up to be
redirected to a Novell Border Manager box, who's client promptly wet
the bed with Mozilla.
Now, ftp, ssh and other protocols were open, so I was able to get out
on the internet. For example, if I wanted to see the main CNN page I
could run:
ssh -L 80:cnn.com:80 sortova.com
and then point the browser to "localhost" and it worked.
However, apt for rpm accessed the freshrpms.net site which used a
redirect (not the right term - more like an alias - but you get the
meaning). Since this redirect was seen by the browser as a move from
"localhost" to another site, it would attempt to access port 80 on that
site and promptly be caught by the Border Manager.
Quiz time: using the tools at hand, is there a way to tunnel *all* http
traffic through the ssh tunnel?
-T
----------
Tarus Balog
Consultant
Sortova Consulting Group, Inc. (www.sortova.com)
tarus at sortova.com - 919-696-7625
More information about the TriLUG
mailing list