Consider the following scenario: You are on an untrusted network and want to ssh to your server behind your company firewall. But the company firewall is blocking port '22'. Only ports '80' and '443' are open.
Running 'sshd' on port '443' will not work as any IDS will detect it using Deep Packet Inspection.
The solution is to tunnel ssh through SSL using 'stunnel'. 'stunnel' encapsulates all traffic in SSL/TLS.
Backdoors installed by trojan horses and viruses also tunnel through SSL to connect to their control server, to bypass client-side firewalls and anti-virus software. Most client-side firewalls allow outgoing traffic on ports 80 and 443. Also, anti-virus software cannot decipher encrypted SSL communication on port 443.
Consider the following scenario:
The server's IP Address is 192.168.122.2.
The user on the client will 'ssh' to port '444' on the local machine, and traffic from port '444' on the local machine will be forwarded to the server (192.168.122.2) at port 443. Since port '443' is open in the firewall, the connection will be allowed.
The server will accept connections on port '443' and forward traffic to port '22'. The 'sshd' is running on port '22' on the server machine. The reply from the 'sshd' will similarly be tunneled to the client.
Configure Server (192.168.122.2):
1) Install package
[root@server1 ~]# yum -y install stunnel
2) Create a self-signed certificate
[root@server1 ~]# cd /etc/pki/tls/certs
[root@server1 certs]# make stunnel.pem
You are about to be asked to enter information that will be incorporated
into your certificate request.
Country Name (2 letter code) [XX]:in
State or Province Name (full name) []:maharashtra
Locality Name (eg, city) [Default City]:mumbai
Organization Name (eg, company) [Default Company Ltd]:my company ltd
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:server1.mycompany.com
Email Address []:root@server1.mycompany.com
3) Create config file '/etc/stunnel/stunnel.conf' and add the following lines.
cert = /etc/pki/tls/certs/stunnel.pem
sslVersion = TLSv1
chroot = /var/run/stunnel
setuid = nobody
setgid = nobody
pid = /stunnel.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
[ssh]
accept = 192.168.122.2:443
connect = 127.0.0.1:22
TIMEOUTclose = 0
The server will accept incoming traffic on port 443 and forward it to 'sshd' on port 22.
4) Create the 'chroot' dir.
[root@server1 ~]# mkdir /var/run/stunnel
[root@server1 ~]# chown nobody:nobody /var/run/stunnel
5) Start stunnel
[root@server1 ~]# stunnel /etc/stunnel/stunnel.conf
6) Ensure that port '443' is open in the firewall.
[root@server1 ~]# firewall-cmd --zone=public --add-service=https --permanent
[root@server1 ~]# firewall-cmd --reload
NOTE: To terminate stunnel
[root@server1 ~]# kill $(cat /var/run/stunnel/stunnel.pid)
Configure Client:
1) Install package
[root@meru ~]# yum -y install stunnel
2) Copy the self-signed certificate file '/etc/pki/tls/certs/stunnel.pem' from the server into the local dir '/etc/pki/tls/certs/'.
3) Create config file '/etc/stunnel/stunnel.conf' and add the following lines.
cert = /etc/pki/tls/certs/stunnel.pem
sslVersion = TLSv1
chroot = /var/run/stunnel
setuid = nobody
setgid = nobody
pid = /stunnel.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
client = yes
[ssh]
accept = 444
connect = 192.168.122.2:443
TIMEOUTclose = 0
The user will ssh to port 444 on localhost. All data from port 444 will be passed to the server (192.168.122.2) at port 443.
4) Create the 'chroot' dir.
[root@meru ~]# mkdir /var/run/stunnel
[root@meru ~]# chown nobody:nobody /var/run/stunnel
5) Start stunnel
[root@meru ~]# stunnel /etc/stunnel/stunnel.conf
6) Test connection. Enter password for the remote server.
[root@meru ~]# ssh -p 444 shabbir@localhost
shabbir@localhost's password:
Last login: Thu May 7 18:55:16 2015 from localhost
[shabbir@server1 ~]$
You now have an ssh connection to your remote server, but all the traffic is tunneled through SSL.
7) To terminate stunnel
[root@meru ~]# kill $(cat /var/run/stunnel/stunnel.pid)
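The client configuration above pins 'sslVersion = TLSv1', sets no peer verification, and uses a 'cert' file copied from the server. The following added example (not part of the original post) is a small audit function that flags those three conditions in a stunnel.conf. The finding names and the sample file are constructed for illustration; 'verify', 'verifyChain' and 'verifyPeer' are stunnel's own options, the latter two available in stunnel 5.

```shell
#!/bin/sh
# Added example: audit a stunnel config for weak TLS settings (not from the original post).

# Print the last value assigned to KEY in FILE, with surrounding whitespace trimmed.
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# Print one finding ID per line (IDs are made up here); print nothing when the file passes.
audit_stunnel_conf() {
    conf=$1
    # Protocol versions that predate TLS 1.2 are deprecated.
    case "$(conf_get "$conf" sslVersion)" in
        SSLv2|SSLv3|TLSv1|TLSv1.1) echo "weak-protocol" ;;
    esac
    [ "$(conf_get "$conf" client)" = "yes" ] || return 0
    # Client mode: with no verify/verifyChain/verifyPeer, any server certificate is accepted.
    v=$(conf_get "$conf" verify)
    if [ "${v:-0}" = "0" ] &&
       [ "$(conf_get "$conf" verifyChain)" != "yes" ] &&
       [ "$(conf_get "$conf" verifyPeer)" != "yes" ]; then
        echo "no-peer-verification"
    fi
    # Client mode: a cert file that holds a private key must be this client's own key.
    cert=$(conf_get "$conf" cert)
    if [ -n "$cert" ] && [ -r "$cert" ] && grep -q 'PRIVATE KEY-----' "$cert"; then
        echo "private-key-in-client-cert"
    fi
    return 0
}

# Constructed sample: the tutorial's client settings, with a stand-in PEM file.
demo() {
    dir=$(mktemp -d)
    printf '%s\n' '-----BEGIN PRIVATE KEY-----' '(constructed placeholder)' > "$dir/stunnel.pem"
    cat > "$dir/stunnel.conf" <<EOF
cert = $dir/stunnel.pem
sslVersion = TLSv1
client = yes
[ssh]
accept = 444
connect = 192.168.122.2:443
EOF
    audit_stunnel_conf "$dir/stunnel.conf"
    rm -rf "$dir"
}
demo
```

A client file that sets 'sslVersion = TLSv1.2' or later, enables 'verifyChain' or 'verifyPeer' with a 'CAfile' holding only the server's certificate, and drops the copied key file produces no findings.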