Tunneling a network connection into a VMWare guest without network - networking

I'm trying to establish a TCP connection between a client machine and a guest VM running inside an ESXi server. The trick is that the guest VM has no network configured (intentionally). However the ESX server is on the network, so in theory it might be possible to bridge the gap with software.
Concretely, I'd like to eventually create a direct TCP connection from python code running on the client machine (I want to create an RPyC connection). However anything that results in ssh-like port tunneling would be breakthrough enough.
I'm theorizing that some combination of VMWare Tools, pysphere and obscure network adapters could be possible. But so far, my searches don't yield any result and my only ideas are either ugly (something like tunneling over file operations) and/or very error prone (basically, if I have to build a TCP stack, I know I'll be writing lots of bugs).
It's for a testing environment setup, not production; but I prefer stability over speed. I currently don't see much need for high throughput.
To summarize the setup:
• Client machine (Windows/Linux, whatever works) with vmware tools installed
• ESXi server (network accessible from client machine)
• VMWare guest which has no NICs at all, but is accessible using vmware tools (must be Windows in my case, but a Linux solution is welcome for the sake of completeness)
Any ideas and further reading suggestions would be awesome.
Thank you Internet, you are the best!

The meaning of 'no NICs at all on guest' is not clear. If I can assume that what is meant here is that there are no physical NICs assigned to the guest, the solution is easy, as a VMware soft NIC can be provisioned for the guest VM and that will serve as the entry point to the guest netstack.
But if the soft NIC is also not available, I really wonder how and what can serve as the entry point to the netstack of the guest, be it Linux/Windows. To my understanding, if that's what you meant, then you might need to make guest OS modifications to use a different door to access the guest netstack and to post/drain packets from it. But again, when you do a proper implementation of this backdoor, it will become just another implementation of the soft NIC which VMware supports by default. So, why not use that?

It's a bit late but a virtual serial port may be your friend. You can pick up the serial port on the outer end via network or locally depending on your options. Then you can have some ppp stuff or your custom script on both ends to communicate. You could also run some tool to create a single socket from the serial link on the guest end if you want to avoid having a ppp interface but still need to tunnel a TCP connection for some application.
This should keep you safe when analyzing malicious code as long as it's not skynet :-) You still should do it with the permission of the sysadmin as you may be violating your company's rules by working around some security measures.

If the VM 'intentionally' has no network configured, you can't connect to it over a network.
Your question embodies a contradiction in terms.

Related

Connecting to a local IP (not in Network) from a computer without connecting to other networked computer sharing same IP

I am sorry, I don't know if this question has already been asked (afaik this wasn't asked, based on my search results). I have a computer running a software that needs a license from a server in my company's domain. For pulling the license, I need to connect to the company network. Also there is a hardware setup in our company which is not integrated into the network. And I need to process some data from the hardware, and the data has to be shared with the software. So, I make two connections, one ethernet connection to the hardware and the other wireless for using the software's license. I tried accessing the data from the hardware in the software through the hardware's IP address. The problem is, there is another computer in our company at another location sharing the same IP as the hardware, and the software tries retrieving the data from that computer and fails. I am sorry if this is preliminary; I am not a networking person.
Simply put, one of the two systems needs to change its IP address.
The alternatives are usually too complex and error prone, and their viability depends on the particularity of your environment:
• Use the arp command to force your PC's IP-MAC mapping
• Put a router in front of your hardware that does port forwarding
• Use VLANs

Risks by creating a Minetest in one's own network - Raspberry Pi 3 - Raspbian

I want to create a Minetest server on my Raspberry Pi 3 in my own network.
I know some discussions have been made (like Any risks in installing my own http server?), but I want to create a Minetest server.
I would like to know
• If it's dangerous to create a server in my own network
• If I can make a protection if it's dangerous.
Thanks
PS : Sorry for the mistakes, I'm French!
I'm going to assume here that you're intending to serve this internally. You certainly wouldn't want to put an external game server on a network that was also shared by your household. The Raspberry PI is assumed to be internal itself without a public IP or any way to be addressed beyond the local network.
Realistically speaking, you can probably assume an internal network is safe enough for inconsequential internal services, if physical and wireless access is adequately controlled. Looks like minetest is a game server, so unless you combine its server with other far more sensitive tasks, it's not like there's any dire consequence to unauthorized access.
But that perspective does seem a little naive, doesn't it? If access were to occur, the raspberry pi could probably be compromised, and from there, the IoT devices in the home, other private services, etc are at risk too. So, perhaps you're just a little too paranoid / experienced / virtuous to leave it at that.
If so, we can probably assume that the connection itself doesn't support much in the way of encryption, but it's likely we can successfully tunnel the connection in any number of ways to add an encryption layer "between" client and server.
The simplest of these is probably ssh. You're already using it to manage your raspberry pi, probably, and if you're not, you might want to (I for one need copy/paste between web and terminal, and I don't want to run gui on pi!). SSH offers a much higher standard of security than most protocols.
Conceptually, you execute an ssh client locally on the game client, configured to open a local port on the game client and forward packets received on that port to a remote port on the ssh server. The remote port need not be accessible on the network directly, only ssh (the game server would listen on localhost). The ssh tunnel uses strong encryption methods to pass the traffic over the untrusted network (yours, or perhaps any network for some traffic).
The process, when implemented, would look something like this:
1. Activate the ssh server on the pi if not yet done.
2. Obtain an ssh client for the game client machine (PuTTY for old Windows, built in for Linux or OS X etc.; new Windows might have better support).
3. Generate an ssh keypair on the client (each client should do these steps; private keys are ideally never transferred).
4. Add the public key to the ssh user on the pi and verify that you can log in without a password.
5. Use an SSH tunnel in your client to create a local port that tunnels to the remote game server port. https://www.skyverge.com/blog/how-to-set-up-an-ssh-tunnel-with-putty/ looks like a good PuTTY tutorial, https://www.revsys.com/writings/quicktips/ssh-tunnel.html looks decent for unixy environs.
I prefer to take the safe and lazy route, assuming no network is necessarily secure, and weighing the convenience of accessibility against the security concerns. Using an ssh tunnel is, once you get used to it, a simple and straightforward way to access services across any untrusted network, be it your own, a public wifi, or the internet at large.
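A check for the "game server listens on localhost, only ssh is reachable" arrangement described above, as an added example that is not part of the original answer: it parses `ss -H -tuln` output from the server and reports listeners bound to non-loopback addresses. The sample output, port 30000 and the allow-list are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -H -tuln` output from the server (not real data).
SAMPLE_SS = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128             [::]:22            [::]:*
tcp   LISTEN 0      64         127.0.0.1:30000      0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:30000      0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
tcp   LISTEN 0      128            [::1]:631           [::]:*
"""

# Assumption: sshd on TCP 22 is the only service meant to face the network.
ALLOWED_EXPOSED = {("tcp", 22)}


def parse_listener(line):
    """Return (proto, address, port) for one `ss -H -tuln` line."""
    fields = line.split()
    proto, local = fields[0], fields[4]
    addr, port = local.rsplit(":", 1)
    # Drop a %interface scope first, then the brackets around IPv6 literals.
    addr = addr.split("%", 1)[0].strip("[]")
    return proto, addr, int(port)


def is_loopback(addr):
    if addr == "*":  # ss prints "*" for a wildcard bind on all addresses
        return False
    return ipaddress.ip_address(addr).is_loopback


def exposed_listeners(ss_output, allowed=ALLOWED_EXPOSED):
    """List sockets reachable from the network that are not explicitly allowed."""
    findings = []
    for line in ss_output.splitlines():
        if not line.strip():
            continue
        proto, addr, port = parse_listener(line)
        # UDP is checked too: `ssh -L` forwards TCP only, so a UDP service
        # bound to a routable address is not covered by the tunnel.
        if not is_loopback(addr) and (proto, port) not in allowed:
            findings.append((proto, addr, port))
    return findings


if __name__ == "__main__":
    for proto, addr, port in exposed_listeners(SAMPLE_SS):
        print(f"exposed: {proto} {addr}:{port}")
```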

How to setup SQL Server Express on local network with wireless router

Guidance on how to connect to SQL Server 2012 needed.
I am on Windows 10 Home Edition
I have set up SQL Server Express to allow remote connections on my database machine to serve up data to three client machines.
Firewall has been set for ports - check
Allowed mixed mode logins - check
Setup IPs through SQL Configuration Manager - check
The server is something like 192.168.1.40,1433 and I can login successfully through SQL Server Express on my client machines. I had a long LAN cable running along the floor which is not optimal. So, I went to the store and bought a router so that I could connect wirelessly but have limited experience in networking.
After installation of the router, I can no longer connect to SQL Server. This makes sense since there is another piece of hardware in the chain.
After doing an IP config on the command line I see that the IPV4 address has changed. I assume I am not picking up the private IP address of the router rather than the modem that I was initially connected to.
Should I be port forwarding?
What are my options?
I explored what I thought may be reasonable leads to get this working.
First, I tried to create a virtual server (I also assume this is how to port forward on my particular router). I didn't really know what to put in five fields that were given other than server name and Protocol TCP or if I was on the right track at all.
The other three fields consist of:
External Port, Internal IP, and Internal Port
If this is a reasonable solution can you let me know what to put in these fields and any changes to the SQL Server configuration or firewall might be?
Should I VPN ?
After exploring this option on Google I also notice people saying, "set up a VPN is the correct way to go." However, I don't really know how to do this. The only VPNs I know of are external VPN providers. It seems that I would be setting up a VPN server, if I am not corrected (maybe on the server computer), and connecting via my client machines.
Any clarification or direction would be greatly appreciated. I am sure I have missed the mark on many things here but still would like to make ground.

Passive connection protocols or tunnels, how do they work

I was wondering how tools like teamviewer work. I'm not using the words server and client because I am not quite sure who is who. So I will talk about local and remote.
I have a tool installed on a remote machine behind firewalls and NAT, so only port 80 is okay for outbound connections. Now the local machine wants to connect to the remote machine. The only way I can imagine the connection to work is if the remote polls the local machine to check if it wants to connect, and then the remote establishes a connection to the local machine.
Teamviewer uses the same mechanism only with one entity in the middle, so the remote doesn't have to know the local in advance? So the remote always polls the entity in the internet?
Is that the way this kind of connection works? It seems quite a waste, always having to poll the local or some dealer-webserver. Especially if the connection has to work quickly, the polls must happen every second?
Am I missing something?
If someone is too scared to answer, a simple yes or no does the trick :-)
The hole punching approach, so it's a yes.

Create a Windows (win32) service discoverable across the network

In short: How to reliably discover a server running somewhere on a (presumably multi-segmented) local area network with zero client configuration
My client application has to locate the server application without knowing the server IP address. It has to work on a local LAN that may be split into segments with hubs or other switching devices.
I already have a working solution, but it is a bit cumbersome to get it working on multi-segment networks. It works as follows:
When the client starts up, it sends UDP broadcasts on its own network segment. If the server is running on the same segment, it works without any issues - the server responds with the appropriate messages.
If the server and client are running on networks separated by a hub / switch that won't forward UDP (the most likely case), then I have a server instance running on each segment, and they forward client requests to each other via TCP - but I need to configure this for the server instances (simple, but still a pain for tech support.) This is the main problem that I need to address. There are sites where we have hundreds of clients running on 5 or 6 separate segments.
The problems I'm facing:
1. Although my application installer enables the appropriate ports on the firewall, sometimes I come across situations where this doesn't seem to happen correctly.
2. Having to run multiple server instances (and therefore configure and maintain them) on hub/switched networks that won't forward UDP
Finally I need a solution that will work without maintenance on a minimal Windows network (XP / 2000 / Vista) that probably doesn't have Active Directory or other lookup services configured.
I don't want to tag on any runtime stuff for this - should be able to do it with plain VC++ or Delphi.
What approaches do commercial apps usually take? I know that SQL Server uses a combination of broadcast and NetBEUI calls (I may be wrong about this).
Thanks in advance.
You have a few terminology issues:
• Where you say "network segment" you appear to mean "IP subnet". Devices on the same network segment can see the same IP broadcasts.
• Where you say "hub/switch" you appear to mean "IP router".
• Where you say "won't forward UDP", the problem is actually "won't forward IP broadcasts".
Once we get past that, you have a few options:
• Your servers could register themselves under a well-known name in DNS, if you have a DNS server that allows dynamic DNS updates. You should probably use a SRV record as specified in RFC 2782. The clients then do a DNS lookup to find the server(s).
• You could statically assign your server(s) well-known names in the organisation's DNS, perhaps with a SRV record as with the previous option.
• Your servers could join an IP multicast group, if your routers support IP multicast. The clients then send their initial discovery request as a UDP packet to the (pre-ordained) multicast address.
If you have a domain server, I would go with a small service on it. You can connect with other services to it and use it as a distribution point.
Why a domain server? It is relatively easy to find its name (DsGetDcName).
Other choices would include DHCP server, DNS server or something of that kind that needs to be filled by maintenance staff anyhow.
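The SRV-record option suggested above leaves the client to choose among several returned servers; this added example (not from the original answers) orders records by priority and weight as RFC 2782 describes. The service name, hosts and port are hypothetical and the records are constructed.

```python
import random
from collections import defaultdict

# Constructed SRV answers for a hypothetical _myapp._tcp.example.internal name,
# as (priority, weight, port, target) tuples.
SAMPLE_SRV = [
    (10, 60, 5500, "srv-a.example.internal."),
    (10, 20, 5500, "srv-b.example.internal."),
    (10, 0, 5500, "srv-c.example.internal."),
    (20, 0, 5500, "backup.example.internal."),
]


def order_srv(records, rng=random):
    """Return SRV records in the order a client should try them (RFC 2782)."""
    # A single record whose target is "." means the service is not offered.
    if len(records) == 1 and records[0][3] == ".":
        return []
    by_priority = defaultdict(list)
    for rec in records:
        by_priority[rec[0]].append(rec)
    ordered = []
    for priority in sorted(by_priority):  # lowest priority value is tried first
        # Weight-0 records are placed first so they keep a small chance
        # of being selected ahead of the weighted ones.
        pool = sorted(by_priority[priority], key=lambda r: r[1] != 0)
        while pool:
            total = sum(r[1] for r in pool)
            pick = rng.randint(0, total)
            running = 0
            for i, rec in enumerate(pool):
                running += rec[1]
                if running >= pick:  # first record whose running sum reaches pick
                    ordered.append(pool.pop(i))
                    break
    return ordered


if __name__ == "__main__":
    for priority, weight, port, target in order_srv(SAMPLE_SRV):
        print(priority, weight, f"{target}:{port}")
```

A client walks the returned list in order and moves to the next entry when a connection attempt fails, so the priority-20 record is only used once every priority-10 server has been tried.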
