I am reading Computer Networking: A Top-Down Approach 5th (fifth) edition. I have reached chapter two and I wonder if it is possible to actually try out the different application protocols by writing the requests etc? I am using Windows if that matter if you need a tool for doing that, and if I need a tool, what does the tool do behind the scenes for connecting?
You should use telnet to connect to all of these protocol, do your request, reading the answer and so on.
I'm reading that telnet is disabled by default on newer windows version (unbelievable, why? Thank goodness I stopped using it!)... Follow this guide to re-enable it if you're using a windows version newer than xp.
Telnet was used to remotely login to a host. Today it's completely unsafe to use it in this way, as long as a telnet connection isn't encrypted and we have such a better tool like ssh for remote connection. However, you can think to Telnet as a generic TCP client. It can establish TCP connection on every port.
By default, it will try to attempt to connect to port 23 (that is the telnet port) but you can easily change that.
For example, if you want to test HTTP, you can write in your command line:
~$ telnet www.example.com 80
Trying 192.0.43.10...
Connected to www.example.com.
Escape character is '^]'.
Where 80 is the http port (of course, if you're running it locally, you should connect to localhost). Other lines state the connection is ready to receive a request. Now you can type any http command you want.
GET /
HTTP/1.0 302 Found
Location: http://www.iana.org/domains/example/
Server: BigIP
Connection: close
Content-Length: 0
Where GET / is the command I typed and the rest is the http response.
Changing the port number, you can speak to (almost?) every protocol in the internet.
Well you can them out like this.... just to name a few...
Ftp : ftp ip_addr or ftp domain_name
Telnet : telnet ip_addr or telnet ip_addr:port_no or tracert domain_name
tracert : tracert ip_addr or tracert domain_name
ping : ping ip_addr or ping domain_name
Related
I am a complete beginner when it comes to networking and I am trying to set up a TCP tunnel on my machine using pagekite. I want to route all traffic from a TCP address to a port on my localhost, let's say 8080. I would then start a handler on localhost:8080 to deal with the incoming traffic. I can get this to work with ngrok simply by doing ngrok tcp 8080, but on a free ngrok plan I cannot reserve tcp addresses and ngrok is rather slow, so I opted to try and use pagekite.
Pagekite normally allows easy tunnelling to an HTTP address, but they have a guide here about how to use PuTTY along with Pagekite to create a TCP tunnel proxied by HTTP.
I followed their guide but could use some help figuring out if it does what I want it to do.
I am working on a Linux VM, so I first set up an SSH server with openssh like this: sudo service ssh start
I then exposed that SSH server using pagekite like this: python3 pagekite.py 22 ssh:user.pagekite.me
I then started PuTTY, and configured the Host Name to be user.pagekite.me on port 22, setup an HTTP proxy with the proxy hostname user.pagekite.me on port 443 and finally created a tunnel from the PuTTY machine with source port 8080 and destination localhost:8080.
Now I am not sure what this actually accomplished. I know that the PuTTY machine connected to the ssh server running on my VM and I am able to use the linux terminal from the PuTTY terminal but has this actually created a TCP tunnel from user.pagekite.me:8080 to localhost:8080? Additionally after doing this, if I try to setup the handler on localhost:8080 I get the following error:
Handler failed to bind to 0.0.0.0:8080
Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:8080).
Again I am completely clueless when it comes to networking so if anyone could explain what it is I'm doing and if it is even possible to do what I want the way that I am doing it, that would be quite helpful.
I have a problem hosting WebSocket-Sharp on a public internet IP. Locally it works fine.
This problem occurs on Windows and Linux.
I do no receive a timeout or an HTTP status code, the page blocks immediately.
I'm 99% sure I have port forwarding set up correctly; I've tried with an Android modem, VPN and regular NAT router setup.
I've tried the following combinations:
192.168.1.2:80 8080 5000 39393
0.0.0.0: ....
public IP: ....
The problem resides in the HttpServer provided with WebsScketSharp. The pure websocket variant (WebSocketServer.cs), instead of the HttpServer option with Get functionality, has an option to set AllowForwardedRequest to true so will be reachable from non localhost addresses. The HttpServer class doesn't support this.
It is partially a solution as I gave up regular GET functionality, but thats fine by me.
Ok, assuming your server with the public Ip addres is Linux:
Check what ports are listening and what program are listening in those
netstat -tulpn
Check your Firewall rules both in the provider and in the Server
sudo ufw status
See if connections are getting to your Server
sudo tcpdump
You can filter for the port of for origin Ip (if you use a proxy that will be different Ip).
sudo tcpdump | grep "80\|123.45.67.89"
That's the only way to see if the packets are getting into the server.
Let me know if you use Docker as thinks work a bit different.
You can create a tunnel and try like if it was local
ssh -L 80:123.45.67.89:80 ubuntu#yourserver.com
Cheers
I need to open port#42474 on my Windows 10 system for penetration testing purposes.
I added it to the inbound list of my Windows Defender Firewall (both TCP and UDP protocol), and it is enabled.
However, whenever I am trying to ping this port on my machine using telnet it is throwing an error as
Connecting To localhost...Could not open connection to the host, on port 42474: Connect failed
I am able to use telnet to ping other sites such as google.com. But not this port on my machine. Below is the command I am running to test the port and the error:
Port
Telnet error
telnet localhost 42474
Do I need to do anything else to open port#42474?
How do I verify if this port is available for use?
TCP ports are bi-directional, so check these tips:
Verify your service on this port is running: netstat -a
Be sure your firewall isn't blocking (try to deactivate it: if it works well, your rule isn't correct)
Search for your service log: maybe,
it receive information, but it's not able to reply. I recommend you to use PuTTY or Kitty (which is my favorite, because it's portable without registry keys modification), and try to connect on this port.
If you need a tool that able to listen on the port, see this post: Utility to open TCP port to listen state and netcat.
You can use the Python programming language. More specifically, the socket library:
import socket
hote = "localhost"
port = 4444
socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
socket.connect((hote, port))
print "Connection on {}".format(port)
socket.send(u"Hey my name is Abdx!")
print "Close"
socket.close()
i am on a Windows machine and need to connect to an application on a Unix box under a certain port.
i've been told it's open but i'm still having difficulties getting in, is there anything in can do on my end to debug this? how can i check if the port of the Unix server is really open from my IP address?
You can use Telnet.
E.g. telnet example.com 80 to check if the server at example.com accepts connections on port 80.
I am looking for a software to tunnel RDP or other binary TCP traffic through a HTTPS tunnel. Because many clients only have HTTP/S permitted (only port 80 and 443 open in the firewall).
But there's a need to forward RDP (and other protocols) from machines in DMZ to clients.
7
View large function description
Is there any kind of open source or enterprise software for this problem?
Bad solutions
Solutions like F5 big ip has the problem that I have to create the connection configuration with this software. If it would be possible to do this by use of an api it would be an good solution. But i would prefer only to get the tunnel component without bying a whole gateway software. Beacuse i need to create tunnels (1000ds of) out of my own software and its a need to restrict tunnel access to permitted user (Identifyed by session cookie)
Good solutions
http://http-tunnel.sourceforge.net/
If it would be possible that the tunnel client would not be a dedicated server but a java applet of flash running within the clients browser, it would match by 100% my needs.
There are a huge number of projects that tunnel TCP over HTTP(S). You will have to do a bit of work to select the one that best suits your needs (and probably modify it slightly).
SuperTunnel (Java). Looks nice, they seem to have given some thought to how to deal with not-well-behaved proxies.
JHttpTunnel (Java). A port of gnu httptunnel, I think uses the same network protocol.
Netty HTTP Tunnel (Java, part of Netty, a very nice networking library; sample code). I think this requires both client and server to use Netty, but aside from that is a drop-in replacement for the regular sockets in Netty.
ProxyChains (C, Unix, very popular)
GNU httptunnel (C, no HTTPS support, this is probably the granddaddy of all http tunnels)
node-http-tunnel (Node.js), Net::HTTPTunnel (Perl), nRedir (Python), Corkscrew, htunnel, ...
I think SuperTunnel and JHttpTunnel can both be included in an applet or Java app of your own on the client side, they do not need to run as standalone proxies.
Netty will also do that, but (I think) it requires that your server also use Netty: in other words, it allows you to replace regular TCP connect() to a server using Netty with TCP-over-HTTP connect(), but does not proxy arbitrary connections to other servers (unless you write your own simple proxy).
If you are on the windows world I would strongly suggest to take a look at Windows 2008/2008R2/2012 SSTP VPN service. It uses the 443 port, and can be co-hosted with IIS (on 443). It works like a charm on Windows Vista / 7 / 8. I have heard about mac OSX solutions but not there yet.
However there is the good old solution of SSH.
If on linux, just install an openssh-server. If on windows, get and install an OpenSSH Server (e.g. copSSH from itefix https://www.itefix.no/). Modify the port to be using 443 instead of default 22.
On the client side can then use Putty ( http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html ) or kitty ( http://kitty.9bis.net/ ) on windows or any kind of SSH client in any OS to connect to your server through port 443 (where your SSH server is listening to).
Instructions on tunneling via putty for instance can be found on several sites:
http://oldsite.precedence.co.uk/nc/putty.html
http://www.damtp.cam.ac.uk/user/jp107/xp-remote/web-tunnel/
Always remember that you have to point to your local host to do this.
On Windows there is also MyEnTunnel ( http://nemesis2.qx.net/pages/MyEnTunnel ) to simplify the procedure of tunnel configuration and maintenance.
Exploiting this tunnel on a browser is extremely easy: Just tell your browser that you have a socks proxy on a local port (e.h. localhost 8080) that you just configured in your client (putty, kitty, myentunnel or whatever else).
I wrote one called sshh.
http://sourceforge.net/projects/sshh/
I went a little nuts, it actually lets you make connections backwards through it.
If you want to open a TCP tunnel over WebSocket and Browser, as your restricted environment, and you just can access limited websites by a browser.
I think this tunnel tool I made can help you settle your issues down.
Cactus Tunnel: https://github.com/jeffreytse/cactus-tunnel
🌵 A charming TCP tunnel over WebSocket and Browser.
With it, you can open a tunnel over your browser quickly, and set up the SSH tunnel, sock5 proxy, etc.
For your convinience, below are the instructions of building SSH socks5 proxy tunnel via cactus-tunnel
Install tunnel tool
npm i -g cactus-tunnel
Run tunnel server
cactus-tunnel server
Run tunnel client in browser bridge mode
cactus-tunnel client -b ws://<your-tunnel-server>:7800 <your-ssh-server>:22
Create socks5 proxy in client side
ssh -p 7700 -D 1337 -q -C -N <username>#localhost
-p 7700: connect to specific SSH port 7700
-D 1337: open a SOCKS proxy on local port 1337
-q: quiet mode, don’t output anything locally
-C: compress data in the tunnel, save bandwidth
-N: do not execute remote commands, useful for just forwarding ports