1 / 11

Network Security

Network Security. SSH Tunneling David Funk Matt McLaughlin Systems Administrators Computer Systems Support COE, University of Iowa. Using SSH Tunneling. SMB Mount Remote Desktop. Direct Connect. SMB file server. Share client. Port 139. Tunnel. SMB file server. Share client.

Download Presentation

Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Network Security SSH Tunneling David Funk Matt McLaughlin Systems Administrators Computer Systems Support COE, University of Iowa

  2. Using SSH Tunneling • SMB Mount • Remote Desktop

  3. Direct Connect SMB file server Share client Port 139

  4. Tunnel SMB file server Share client Port 139 SSH client Port 139 Port 22 SSH server encrypted sshd

  5. Download ToolsSetup lmhosts • rpccfg.exe • http://download.microsoft.com • Search for rpccfg • C:\windows\system32\drivers\etc\lmhosts • 127.0.0.1 smb00

  6. Set TCP Port 135 • Listen only on interfaces specified by Bind value • HKLM\System\CurrentControlSet\Services\RpcSs • Add ListenOnInternet REG_SZ N • Reboot

  7. Configure RPC • Configure host not to listen on 0.0.0.0:135 • rpccfg –l • Select interface number of non-loopback interface • rpccfg -a 65539 • Reboot

  8. Setup SecureCRT(or Favorite SSH Program) • SecureCRT • Tunnel Ports • Z:"Port Forward Table V2"=00000002 • port135|127.0.0.1,135|1|128.255.17.40|135|| • port139|127.0.0.1,139|1|128.255.17.40|139|| • Setup “Port Forward Filter” • =allow,127.0.0.0/255.0.0.0,0 allow,128.255.20.23/255.255.255.255 deny,0.0.0.0/0.0.0.0,0

  9. Remote Desktop TunnelBasic Setup • Make sure remote assistance and remote desktop are turned off under • Start | Control Panel | System | Remote • Setup SSH with local port 3389 forwarded to remote port 3389 on target Windows computer

  10. Setup Modified mstsc.exe • Allow connections to 127.0.0.1 • Copy c:\windows\systems32\mstsc.exe and mstscax.dll to another folder • Set mstsc.exe in new location to run in Windows 98 compatible mode.

  11. Connect viaRemote Desktop • Connect SSH session • Start modified mstsc.exe • Connect to 127.0.0.1 • Login as usual

More Related