[gentoo-user] tunneling or redirect attack?
Hi, Is it a common thing, or really easy to do, to redirect the content from a server to another one? Like launching an lil app telling the port to listen and then get all data travelling there?? Thanks for information. Laurent
Re: [gentoo-user] tunneling or redirect attack?
On 12/1/2009 10:07 AM, laurent wrote: Hi, Is it a common thing, or really easy to do, to redirect the content from a server to another one? Like launching an lil app telling the port to listen and then get all data travelling there?? Thanks for information. Laurent And this is relevant here because?
Re: [gentoo-user] tunneling or redirect attack?
Is it a common thing, or really easy to do, to redirect the content from a server to another one? Change dns records/ip addresses? Like launching an lil app telling the port to listen and then get all data travelling there?? tcpdump? -- Kyle
Re: [gentoo-user] tunneling or redirect attack?
laurent a écrit : Hi, Is it a common thing, or really easy to do, to redirect the content from a server to another one? Like launching an lil app telling the port to listen and then get all data travelling there?? Thanks for information. Laurent hm now I see in my webmin HTTP Tunnel. It would make ue of my server as a kind of proxy to reach an uri ? Any link information about that matter would please me. :) Thnaks Laurent
Re: [gentoo-user] tunneling or redirect attack?
On 1 Dec, laurent wrote: Hi, Is it a common thing, or really easy to do, to redirect the content from a server to another one? Like launching an lil app telling the port to listen and then get all data travelling there?? You might consider ssh tunneling google for these 2 words, e.g. you get http://www.revsys.com/writings/quicktips/ssh-tunnel.html https://calomel.org/firefox_ssh_proxy.html http://members.shaw.ca/nicholas.fong/vnc/ and many more. Helmut. -- Helmut Jarausch Lehrstuhl fuer Numerische Mathematik RWTH - Aachen University D 52056 Aachen, Germany
Re: [gentoo-user] tunneling or redirect attack?
On Tue, Dec 01, 2009 at 04:07:44PM +0100, Penguin Lover laurent squawked: Is it a common thing, or really easy to do, to redirect the content from a server to another one? Like launching an lil app telling the port to listen and then get all data travelling there?? You need to be a bit more precise about what you mean... If you are talking about client A sitting behind router B which interfaces with Big Scary Internet C, then it is trivial for the router B to have a transparent proxy or some other form of package re-write that redirects your traffic. If you are talking about client A and server B and server C then it is also trivial for server B to redirect all its traffic to server C. If you are talking about client A and server B and Bad server C and attacker D, I don't see how in general the attacker D can redirect traffic from B to C, unless D somehow sits on the only node that connects A to B (in which case you are essentially back to scenario 1). (Yes yes, there are DNS injections and what nots, but in essence they are just variations of scenario 1.) There are also other possible scenarios. So please describe in a bit more detail what you are thinking of and why you care. Cheers, W -- English lessons for programmers #28: Fewer is of type int; whereas less is of type double. Sortir en Pantoufles: up 1089 days, 16:41
Re: [gentoo-user] tunneling or redirect attack?
Marcus Wanner a écrit : On 12/1/2009 10:07 AM, laurent wrote: Hi, Is it a common thing, or really easy to do, to redirect the content from a server to another one? Like launching an lil app telling the port to listen and then get all data travelling there?? Thanks for information. Laurent And this is relevant here because? hm yes true. Because I'm sure some people know that here and it's about network, server, gentoo is a network based operating system.(-ok this is not somehow true but..) Because you guys are damn good geeks so I would find some common interest here. Ok I know this subject can relate to hacking where my point is not here at all. I just poped on configuring my server on that security issue. If not using SSL with proper certificate it was made possible to tunnel my remote communication with my server. And then I found also this HTTP Tunnel module in my webmin. So I wanted to have more information about all this, and so you're the people I relate too. cheers Laurent
Re: [gentoo-user] tunneling or redirect attack?
Willie Wong a écrit : On Tue, Dec 01, 2009 at 04:07:44PM +0100, Penguin Lover laurent squawked: Is it a common thing, or really easy to do, to redirect the content from a server to another one? Like launching an lil app telling the port to listen and then get all data travelling there?? You need to be a bit more precise about what you mean... If you are talking about client A sitting behind router B which interfaces with Big Scary Internet C, then it is trivial for the router B to have a transparent proxy or some other form of package re-write that redirects your traffic. If you are talking about client A and server B and server C then it is also trivial for server B to redirect all its traffic to server C. If you are talking about client A and server B and Bad server C and attacker D, I don't see how in general the attacker D can redirect traffic from B to C, unless D somehow sits on the only node that connects A to B (in which case you are essentially back to scenario 1). (Yes yes, there are DNS injections and what nots, but in essence they are just variations of scenario 1.) There are also other possible scenarios. So please describe in a bit more detail what you are thinking of and why you care. Cheers, W I was talking about the A,B,C,D case. You say this is not common or easy to achieve. I was interested on how work tunneling and what are the possibilies of its use. I will read that first: http://en.wikipedia.org/wiki/HTTP_tunnel :) thanks Laurent
Re: [gentoo-user] tunneling or redirect attack?
Helmut Jarausch a écrit : On 1 Dec, laurent wrote: Hi, Is it a common thing, or really easy to do, to redirect the content from a server to another one? Like launching an lil app telling the port to listen and then get all data travelling there?? You might consider ssh tunneling google for these 2 words, e.g. you get http://www.revsys.com/writings/quicktips/ssh-tunnel.html https://calomel.org/firefox_ssh_proxy.html http://members.shaw.ca/nicholas.fong/vnc/ and many more. Helmut. So it means I could always connect to internet through my remote server. Anywhere I am on this planet I connect to my server and it/he get the content for me. Kinda sweet. Does it mean it could balance/regulate and augmente my bandwith power for my workstation? Laurent
Re: [gentoo-user] tunneling or redirect attack?
On Tue, Dec 1, 2009 at 2:53 PM, laurent laur...@logiquefloue.org wrote: Helmut Jarausch a écrit : On 1 Dec, laurent wrote: Hi, Is it a common thing, or really easy to do, to redirect the content from a server to another one? Like launching an lil app telling the port to listen and then get all data travelling there?? You might consider ssh tunneling google for these 2 words, e.g. you get http://www.revsys.com/writings/quicktips/ssh-tunnel.html https://calomel.org/firefox_ssh_proxy.html http://members.shaw.ca/nicholas.fong/vnc/ and many more. Helmut. So it means I could always connect to internet through my remote server. Anywhere I am on this planet I connect to my server and it/he get the content for me. Kinda sweet. Does it mean it could balance/regulate and augmente my bandwith power for my workstation? Laurent Well, if you mean always connect to internet through your remote server in terms of bypassing a firewall or silent proxy, possibly but not guaranteed (and likely against whatever agreement you have that put you in a position to be behind that firewall or proxy anyhow). To use it for that purpose, you would have to be able to, at the least, get to your remote server... which is just somewhere else on the internet itself. As for augmenting bandwidth for your local system, using the remote one... not really, no. Whatever link you use to get to the remote server is likely to be the same you're going to use to get to anywhere else on the internet, and it's that last link that tends to be the most limiting factor on speed. I have, however, used a slow link to connect to a system I had on a faster link somewhere, downloaded the files I wanted on that system, then pulled them off onto a usb drive when I was physically with that system the next time... but trying to pull from that system to where I was controlling it from would have been the same as, if not slower than, pulling those files directly from the original source. So an all around yes, but no, answer ;) -- Poison [BLX] Joshua M. Murphy
