Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: DNS requests through SSH/443
Special Forums IP Networking DNS requests through SSH/443 Post 302806667 by Corona688 on Monday 13th of May 2013 12:02:18 PM
Old 05-13-2013
DNS uses mostly UDP requests, which makes it difficult to tunnel... There's no socket to intercept, just random point-to-point messages from anywhere to anywhere and back.

Forcing it through port 443 wouldn't really accomplish much.
 

9 More Discussions You Might Find Interesting

1. Solaris

OS Problems -no DNS & SSH not working

I just installed Solaris 6/10 without any problems but I didn't connect the network cable when I installed it. Here are my problems: -I can access webpages using IP addrsses but not with domain names -ssh is installed but it is not running ('ps -e | grep sshd' didn't show it) I have been... (4 Replies)
Discussion started by: kungpow
4 Replies

2. UNIX for Advanced & Expert Users

udp sockets of dns requests not showing anywhere...

Dear guys, I am facing the most weird problem I have ever encountered! Ok here is the situation: From my dns query.log file - it is generated using usual bind9 logging: logging { channel query.log { file "/var/log/bind9/query.log" versions 10 size 2m; severity debug 2;... (0 Replies)
Discussion started by: angeloio
0 Replies

3. HP-UX

What is this error? 443?

# cat /var/log/messages | egrep -i "error|warn|critical|panic|exceed|alert|down|up" Jul 10 09:30:06 plbp1s nanny: shutting down 202.61.9.147:443 due to connection failure Jul 10 10:30:06 plbp1s nanny: shutting down 202.61.9.149:443 due to connection failure 443 is I understood it is port... (1 Reply)
Discussion started by: manalisharmabe
1 Replies

4. Red Hat

ssh with easy dns resolution

In my work env we have a lots of hosts. most all the hosts are in similar hostnames for eg cluster11.data.corp.sb1.uni.com, med123.data.corp.sk1.uni.com, also we have some server is colo network which have the host name like cluster11.data.colo.sb1.uni.com Please help me to make the... (2 Replies)
Discussion started by: unimaxlin
2 Replies

5. UNIX for Advanced & Expert Users

squid: Allow access to only one site and only via 80 or 443

Can someone please give me the conf file line to allow access to myexample.com and only that site, and only through http and https? So far I have only that site accessible via http, but all https sites are opened. Squid 3.1 on Cent 6 ---------- Post updated at 12:06 PM ---------- Previous... (0 Replies)
Discussion started by: glev2005
0 Replies

6. Solaris

Allow usage of port 80 and 443

I am trying to install Sun Java Web Server using an ordinary user with no root/sudo rights. I need to allow this web server to use ports 80 and 443. How can this be done?:confused: (1 Reply)
Discussion started by: emealogistics
1 Replies

7. HP-UX

How to open 443 port in HP-UX?

Hello Experts, I want to open the port 443 on my HP-UX system. can you please help ? Thanks in advance. (1 Reply)
Discussion started by: purushottamaher
1 Replies

8. Solaris

Identify process sending ldap requests to old DNS server

Hi, I have a Solaris 10 system, which appears to be sending out LDAP queries to a server that is due to be decomissioned. Is there a way to identify which process is sending out these queries? The problem is that the local port constantly changes, and the connections do not stay open long... (3 Replies)
Discussion started by: badoshi
3 Replies

9. UNIX for Beginners Questions & Answers

SSL_ERROR_SYSCALL in connection to qa-api.ncl.com:443

I am getting SSL_ERROR_SYSCALL in connection to qa-api.ncl.com:443. Please help me on this. But I am able to get response in Soap UI. Please use CODE tags when displaying sample input, output, and code segments. (13 Replies)
Discussion started by: Ayeesha
13 Replies

LEARN ABOUT DEBIAN

sslh-select

SSLH(8) 																   SSLH(8)

NAME

	sslh - ssl/ssh multiplexer

SYNOPSIS

       sslh [-F config file] [ -t num ] [-p listening address [-p listening address ...] [--ssl target address for SSL] [--ssh target address for
       SSH] [--openvpn target address for OpenVPN] [--http target address for HTTP] [-u username] [-P pidfile] [-v] [-i] [-V] [-f] [-n]

DESCRIPTION

       sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on
       the same port. This makes it possible to connect to any of these servers on port 443 (e.g. from inside a corporate firewall, which almost
       never block port 443) while still serving HTTPS on that port.

       The idea is to have sslh listen to the external 443 port, accept the incoming connections, work out what type of connection it is, and then
       fordward to the appropriate server.

   Protocol detection
       The protocol detection is made based on the first bytes sent by the client: SSH connections start by identifying each other's versions
       using clear text "SSH-2.0" strings (or equivalent version strings). This is defined in RFC4253, 4.2. Meanwhile, OpenVPN clients start with
       0x00 0x0D 0x38, tinc clients start with "0 ", and XMPP client start with a packet containing "jabber".

       Additionally, two kind of SSH clients exist: the client waits for the server to send its version string ("Shy" client, which is the case of
       OpenSSH and Putty), or the client sends its version first ("Bold" client, which is the case of Bitvise Tunnelier and ConnectBot).

       If the client stays quiet after the timeout period, sslh will connect to the first protocol defined (in the configuration file, or on the
       command line), so SSH should be defined first in sslh configuration to accommodate for shy SSH clients.

   Libwrap support
       One drawback of sslh is that the ssh and httpd servers do not see the original IP address of the client anymore, as the connection is
       forwarded through sslh.	sslh provides enough logging to circumvent that problem.  However it is common to limit access to ssh using
       libwrap or tcpd. For this reason, sslh can be compiled to check SSH accesses against SSH access lists as defined in /etc/hosts.allow and
       /etc/hosts.deny.

   Configuration file
       A configuration file can be supplied to sslh. Command line arguments override file settings. sslh uses libconfig to parse the configuration
       file, so the general file format is indicated in <http://www.hyperrealm.com/libconfig/libconfig_manual.html>.  Please refer to the example
       configuration file provided with sslh for the specific format (Options have the same names as on the command line, except for the list of
       listen ports and the list of protocols).

       The configuration file makes it possible to specify protocols using regular expressions: a list of regular expressions is given as the
       probe parameter, and if the first packet received from the client matches any of these expressions, sslh connects to that protocol.

       Alternatively, the probe parameter can be set to "builtin", to use the compiled probes which are much faster than regular expressions.

OPTIONS

       -t num, --timeout num
	   Timeout before forwarding the connection to the first configured protocol (which should usually be SSH). Default is 2s.

       -p listening address, --listen listening address
	   Interface and port on which to listen, e.g. foobar:443, where foobar is the name of an interface (typically the IP address on which the
	   Internet connection ends up).

	   This can be specified several times to bind sslh to several addresses.

       --ssl target address
	   Interface and port on which to forward SSL connection, typically localhost:443.

	   Note that you can set sslh to listen on ext_ip:443 and httpd to listen on localhost:443: this allows clients inside your network to
	   just connect directly to httpd.

       --ssh target address
	   Interface and port on which to forward SSH connections, typically localhost:22.

       --openvpn target address
	   Interface and port on which to forward OpenVPN connections, typically localhost:1194.

       --xmpp target address
	   Interface and port on which to forward XMPP connections, typically localhost:5222.

       --tinc target address
	   Interface and port on which to forward tinc connections, typically localhost:655.

	   This is experimental. If you use this feature, please report the results (even if it works!)

       -v, --verbose
	   Increase verboseness.

       -n, --numeric
	   Do not attempt to resolve hostnames: logs will contain IP addresses. This is mostly useful if the system's DNS is slow and running the
	   sslh-select variant, as DNS requests will hang all connections.

       -V  Prints sslh version.

       -u username, --user username
	   Requires to run under the specified username.

       -P pidfile, --pidfile pidfile
	   Specifies a file in which to write the PID of the main server.

       -i, --inetd
	   Runs as an inetd server. Options -P (PID file), -p (listen address), -u (user) are ignored.

       -f, --foreground
	   Runs in foreground. The server will not fork and will remain connected to the terminal. Messages normally sent to syslog will also be
	   sent to stderr.

       --background
	   Runs in background. This overrides foreground if set in the configuration file (or on the command line, but there is no point setting
	   both on the command line unless you have a personality disorder).

FILES

       /etc/init.d/sslh
	   Start-up script. The standard actions start, stop and restart are supported.

       /etc/default/sslh
	   Server configuration. These are environment variables loaded by the start-up script and passed to sslh as command-line arguments. Refer
	   to the OPTIONS section for a detailed explanation of the variables used by sslh.

SEE ALSO

       Last version available from <http://www.rutschle.net/tech/sslh>, and can be tracked from <http://freecode.com/projects/sslh>.

AUTHOR

       Written by Yves Rutschle

v1.13b								    2012-08-26								   SSLH(8)
All times are GMT -4. The time now is 12:03 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy