Port Forwarding

Idiot proof setup for persistent reverse shells / port forwards (same thing) under a Ubuntu VM remote and my Dreamhost server, but should apply to nearly* all *nix’s First off, some terms to keep this easy. I want to be able to access my in-office VM, xavier from my server magneto (not my names, but they conveniently complement). xavier is not publicly accessible, but magneto is. I’ll be replacing all of the FQN’s with these terms so expand on your own. In generic terms, xavier is the remote machine (i.e the one behind some NAT firewall or such that you want to get access to) and magneto is the local machine. Its a bit confusing since all of the work is done on xavier, but it makes sense in the long run. Just trust me and get on with it. ...

While working on an IDS Solution for a client, I came across Untangle, and I loved it so much that I pulled out an old box and loaded it up as my office firewall. One thing that is lacking, from my perspective (at least in the ‘free’ edition) is the firewall interface; Untangle uses an IpTables based firewall, but doesn’t replicate the usual INPUT FOWARD OUTPUT rulebase. I think that in 90% of usecases for Untangle, this isnt a problem, but I found it a little bit alien to have portfowarding hidden in the Networking config pane, and firewall separatly. ...

Last week or there abouts, there was a big buzz around the interwebs revisiting Dan Kaminski’s OzymanDNS tool, a perl based toolkit for tunnelling TCP traffic over DNS requests (technically its TCP over SSL over DNS but whos counting) That was originally released mid-2004. I never really found the true source of the new hype surrounding a “old” project (it may have been HAK5’s episode 504 that demonstrated the tool, mubix has put the write up in at room362) ...