Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Things you learn about SSH

Leave a comment Posted by ChrisJohnRiley on August 28, 2007

I’m sure those reading my blog for personal reasons (i.e. Family members – Hi mum) really don’t care about this post. Personally a few years ago (or maybe even months) I might not have either.

Anyway I’ve been using the great little program called synergy for a while now. As I’m running a lot of systems here (a pc, a few laptops, and a Mac G4) I was running out of desk space. Well anyway, synergy lets you control multiple systems from 1 keyboard and mouse (you need to use seperate monitors though incase you wanted to know) using signals sent between the machines over the LAN. Anyway lots of people have blogged on the use of this, so lets move on. The thing that made me scared was that all traffic that went over the LAN was totally clear text.

I did a capture using wireshark and you could see everytime I pressed a key that a “keypress event” was sent in packet form between machines. I could string together my packets in wireshark and read my passwords and notes. Very secure…

Still this leads me to the fun part (depending on your like or dislike of technology) SSH. Those people who run *nix will know what this is already. For those windows users amongst us, this is a secure tunnel between machines. Using SSH on both machines (openSSH can run under Windows using the Cygwin project) you can create a fully secure tunnel between machines using the following command.

ssh -f -N -L port:serveraddress:port serveraddress

As example my command run from the synergy client machine is.

ssh -f -N -L 28400:192.168.0.31:28400 192.168.0.31

This tells SSH to tunnel any traffic looking to use port 28400 to the address and port you specify (i.e. tunnel within a secure wrapper to my synergy server).

It works like a charm (although it was hell to get automated on the Mac system)… more about that if you want to mail me. Still think of the possibilities for SSH tunneling. I’ve got a tunnel now that will take all my internet traffic from my laptop (on any commection worldwide) to my machine hosted on the internet, and then routed out again. No more worries of those nasty black hat hackers scanning your unencrypted wireless traffic at a local coffee shop 😉

Well that’s your tech for today……

Technology

← Chaos Computer Camp Another day, another chapter →

Comments are closed.

RSS feed

The contents of this personal blog are solely my own opinions and comments, as such they do not reflect the opinions of my employer(s) past, present or future. No legal liability is accepted for anything you do, think, or consider fact as the basis of articles and links posted on this blog.

"Three to one...two...one...probability factor of one to one...we have normality, I repeat we have normality. Anything you still can’t cope with is therefore your own problem."

Note: A large portion of content I post on my blog comes from "live blogging" of security conferences. These posts are in notes form and are written live during a talk. As such errors and emissions are expected. I'm only human after all!

Cатсн²² (in)sесuяitу / ChrisJohnRiley

Things you learn about SSH

Recent Posts

Archives

@ChrisJohnRiley

Links

Disclaimer

Cатсн²² (in)sесuяitу / ChrisJohnRiley

Things you learn about SSH

Rate this:

Share this:

Like this:

Related

Recent Posts

Archives

@ChrisJohnRiley

Links

Disclaimer