[CentOS] Two questions
You guys are awesome working on CentOS 8! Where might a get a list of the packages in CentOS 8 ? Will there be a "in place" upgrade from 7 to 8? Thanks, Jerry ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] two questions about ssh tunneling
if I: ssh -fND localhost:6000 someb...@192.168.56.5 -p PORTNUMBER from computer A to computer B [B = 192.168.56.5] then I can set the SOCKS proxy for e.g.: Firefox to use localhost:6000 on computer A. Ok. I can surf the web through B. But: - Can anyone sniff the traffic of A? [e.g.: computers on same subnet as A] Like DNS requests? - I think no, but I'm not sure :O - Can anyone sniff the traffic of computer B? e.g.: B computer is at a server farm [others in the farm can see the traffic?] - I think yes, but I'm not sure :O ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] two questions about ssh tunneling
if I: ssh -fND localhost:6000 someb...@192.168.56.5 -p PORTNUMBER from computer A to computer B [B = 192.168.56.5] then I can set the SOCKS proxy for e.g.: Firefox to use localhost:6000 on computer A. Ok. I can surf the web through B. But: - Can anyone sniff the traffic of A? [e.g.: computers on same subnet as A] Like DNS requests? - I think no, but I'm not sure :O Sure, that possible if your name resolution traverses a network path interceptable by the guy sniffing. - Can anyone sniff the traffic of computer B? e.g.: B computer is at a server farm [others in the farm can see the traffic?] - I think yes, but I'm not sure :O Same thing, if the outbound web traffic leaves that host via a route another op has access to, like a switch with a mirror port, he can easily see what's moving back and forth. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] two questions about ssh tunneling
On Sat, 5 Dec 2009 10:14:01 am Joseph L. Casale wrote: if I: ssh -fND localhost:6000 someb...@192.168.56.5 -p PORTNUMBER from computer A to computer B [B = 192.168.56.5] then I can set the SOCKS proxy for e.g.: Firefox to use localhost:6000 on computer A. Ok. I can surf the web through B. But: - Can anyone sniff the traffic of A? [e.g.: computers on same subnet as A] Like DNS requests? - I think no, but I'm not sure :O Sure, that possible if your name resolution traverses a network path interceptable by the guy sniffing. You can tell firefox to use the socks proxy for DNS requests as well by typing about:config in the url bar and setting network.proxy.socks_remote_dns to true. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] two questions about ssh tunneling
Tudod Ki wrote: if I: ssh -fND localhost:6000 someb...@192.168.56.5 -p PORTNUMBER from computer A to computer B [B = 192.168.56.5] then I can set the SOCKS proxy for e.g.: Firefox to use localhost:6000 on computer A. Ok. I can surf the web through B. But: - Can anyone sniff the traffic of A? [e.g.: computers on same subnet as A] Like DNS requests? - I think no, but I'm not sure :O The packets between A and B will be be visible only as encrypted ssh packets. DNS lookups will depend on the client socks protocol. Socks4 did the lookups on the client and was extended as socks4a to do dns on the server. Socks5 lets the server handle dns. - Can anyone sniff the traffic of computer B? e.g.: B computer is at a server farm [others in the farm can see the traffic?] - I think yes, but I'm not sure :O The A-B connection will appear here as well, as encrypted ssh packets. The proxied outbound connections will be unencrypted but will appear to originate from B. If you are the only one connected it wouldn't be too hard to deduce what is going on - and the packets will mostly correspond one for one timing wise. So, the connection wouldn't be obvious, but I wouldn't count on not getting caught if you are doing something illegal. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
