Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

"reverse" SOCKS with Putty

635 views
Skip to first unread message

FrogSlayer

unread,
Jul 23, 2006, 2:41:46 PM7/23/06
to
Hi
Im trying to build a very freaky kind of tunnel
At my school we regulary organise LAN party, outsider are not accepted
though. I wish to make a tunnel in order to "forward" the LAN to my home
to let my brother play with us.
there are no SSH servers on the network used to play at school. Most
ports are closed. I have a router at home running linux. I was thinking
to connect to the router by SSH with dynamic forwarding enabled but it
only allow ME to access Internet though my router. I wish my brother (at
home) to access the socks tunnel and access the LAN.

Any help ?

Richard E. Silverman

unread,
Jul 23, 2006, 3:57:16 PM7/23/06
to
>>>>> "FS" == FrogSlayer <fa...@forget.it> writes:

FS> Hi Im trying to build a very freaky kind of tunnel At my school we
FS> regulary organise LAN party, outsider are not accepted though. I
FS> wish to make a tunnel in order to "forward" the LAN to my home to
FS> let my brother play with us. there are no SSH servers on the
FS> network used to play at school. Most ports are closed. I have a
FS> router at home running linux. I was thinking to connect to the
FS> router by SSH with dynamic forwarding enabled but it only allow ME
FS> to access Internet though my router. I wish my brother (at home)
FS> to access the socks tunnel and access the LAN.

FS> Any help ?

You can always

--
Richard Silverman
r...@qoxp.net

Write-Only Memory

unread,
Jul 23, 2006, 11:41:49 PM7/23/06
to
FrogSlayer <fa...@forget.it> wrote:
>... I was thinking
>to connect to the router by SSH with dynamic forwarding enabled but it
>only allow ME to access Internet though my router. I wish my brother (at
>home) to access the socks tunnel and access the LAN.

How about something like this:
http://www.ishiboo.com/~nirva/Projects/vpn/

Jacob Nevins

unread,
Jul 24, 2006, 4:40:01 PM7/24/06
to
FrogSlayer <fa...@forget.it> writes:
>At my school we regulary organise LAN party, outsider are not accepted
>though. I wish to make a tunnel in order to "forward" the LAN to my home
>to let my brother play with us.
>there are no SSH servers on the network used to play at school. Most
>ports are closed. I have a router at home running linux. I was thinking
>to connect to the router by SSH with dynamic forwarding enabled but it
>only allow ME to access Internet though my router. I wish my brother (at
>home) to access the socks tunnel and access the LAN.

The following considerations would apply to any server-to-client
equivalent of PuTTY/OpenSSH's "dynamic" SOCKS interface to
port-forwarding:
- it would have to be implemented in the SSH server;
- many SSH clients (including PuTTY) are likely to reject any attempt
by the server to unilaterally set up forwarded connections, per the
SHOULD requirement in RFC 4254 7.2.
I'm not aware of any SSH server implementing this feature (but I haven't
looked very hard).

If possible, it would be simpler to set up appropriate remote-to-local
tunnels for your application in your SSH client.

If you really need a SOCKS proxy for some reason, you could run a
standalone proxy server somewhere near the SSH client, point a single
remote-to-local tunnel at it in the client, and point the SOCKS client
at home at the server end of the tunnel.

You should probably consider whether bypassing your school's access
controls like this is a good idea.

FrogSlayer

unread,
Jul 25, 2006, 3:38:45 PM7/25/06
to
thx for both answers ill try remote to local tunnels , should be simpler.

and no i dont think its wrong to setup this kind of things on my shcool
lan, because i cant see any security flaw in it. I connect to a router
by SSH (filtered by IP) and the tunnel is only accssible within my LAN.
besides, admins are former students of the school and play with us at
these meetings XD.

i just though...now that ive forwrded the ports im interrested in,
shouldnt i forward them to the target IP on my LAN ? (using iptables i
could use some help there too ^^)

Nico Kadel-Garcia

unread,
Jul 25, 2006, 9:24:37 PM7/25/06
to
FrogSlayer wrote:
> thx for both answers ill try remote to local tunnels , should be
> simpler.
> and no i dont think its wrong to setup this kind of things on my
> shcool lan, because i cant see any security flaw in it. I connect to
> a router by SSH (filtered by IP) and the tunnel is only accssible
> within my LAN. besides, admins are former students of the school and
> play with us at these meetings XD.

Just because you do not see anything wrong with it does not mean your
school's network administrators will not get angry with you if they catch
you doing it. Seriously. I'm glad you're on good terms with them: why not
ask them about doing this, and if they'd mind?

0 new messages