FW: Tunelling RDP traffic over HTTP proxies.
From: Jeroen van Meeuwen (kanarip_at_pczone-clan.nl)
Date: 11/24/05
- Previous message: Alessandro Bottonelli: "Re: ISO 17799"
- Maybe in reply to: Steve McLaughlin: "Tunelling RDP traffic over HTTP proxies."
- Next in thread: Steve McLaughlin: "RE: Tunelling RDP traffic over HTTP proxies."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <security-basics@securityfocus.com> Date: Thu, 24 Nov 2005 22:32:31 +0100
This issue was resolved in private.
Thanks for all your replies.
Kind regards,
Jeroen van Meeuwen
-- kanarip > -----Original Message----- > From: Steve McLaughlin [mailto:Steve.McLaughlin@aggreko.co.uk] > Sent: Thursday, November 24, 2005 18:22 > To: Jeroen van Meeuwen > Subject: RE: Tunelling RDP traffic over HTTP proxies. > > Ah, > > Disco! > > I am using localhost as the destination now and it works! > > Thanks Jeroen! > > Steve > > > -----Original Message----- > From: Jeroen van Meeuwen [mailto:kanarip@pczone-clan.nl] > Sent: 24 November 2005 17:02 > To: Steve McLaughlin > Subject: RE: Tunelling RDP traffic over HTTP proxies. > > Steve, > > you could verify the tunnel by doing a netstat -an at both ends. This > could > be a firewall issue, that is, on one of both ends of the tunnel. > > Kind regards, > > Jeroen van Meeuwen > > -- > kanarip > > > -----Original Message----- > > From: Steve McLaughlin [mailto:Steve.McLaughlin@aggreko.co.uk] > > Sent: Thursday, November 24, 2005 17:53 > > To: Jeroen van Meeuwen > > Subject: RE: Tunelling RDP traffic over HTTP proxies. > > > > Connection refused occurs when I try to use VNC viewer normally for > > example. > > This is after I have connected to a bash shell with the Tunnel > settings > > in PuTTY > > > > Any suggestions? > > > > Steve > > > > > > -----Original Message----- > > From: Jeroen van Meeuwen [mailto:kanarip@pczone-clan.nl] > > Sent: 24 November 2005 12:55 > > To: Steve McLaughlin > > Cc: security-basics@securityfocus.com; pen-test@securityfocus.com > > Subject: RE: Tunelling RDP traffic over HTTP proxies. > > > > Hi Steve, > > > > If port 443 is open, this enables you to tunnel any protocol. I'm > > confused > > with you saying you need to authenticate with the proxy server first. > > That > > would mean only port 80 and 443 outbound _from the proxy_ is allowed > > through > > the firewall. If that proxy only supports Kerberos authentication, I > > don't > > know what shell client you could use. > > > > Anyway, here's the setup I currently use: I have an outside Linux box > > with > > SSHd on port 443, to which I log in using PuTTY, via an ISA 2004 > proxy, > > with > > Basic proxy authentication. Tunneling is an option in PuTTY, so that's > > what > > I use to tunnel my IMAP, RDP, VNC and SMTP. > > > > To get it working in your case, I'ld first verify if it's only the > proxy > > that is allowed through the firewall, and whether you are able to let > > PuTTY > > authenticate to the proxy. > > > > Kind regards, > > > > Jeroen van Meeuwen > > > > -- > > kanarip > > > > > -----Original Message----- > > > From: Steve McLaughlin [mailto:Steve.McLaughlin@aggreko.co.uk] > > > Sent: Thursday, November 24, 2005 12:27 > > > To: Jeroen van Meeuwen > > > Subject: RE: Tunelling RDP traffic over HTTP proxies. > > > > > > I want to RDP or VNC into my box back home, and we only have port 80 > > and > > > 443 open on the Firewall outbound and traffic first has to > > authenticate > > > through an ISA proxy with Kerberos authentication. > > > > > > Steve > > > > > > > > > -----Original Message----- > > > From: Jeroen van Meeuwen [mailto:kanarip@pczone-clan.nl] > > > Sent: 23 November 2005 19:55 > > > To: Steve McLaughlin; 'Richard Zaluski'; 'Jason T. Hallahan'; > > > security-basics@securityfocus.com; pen-test@securityfocus.com > > > Subject: RE: Tunelling RDP traffic over HTTP proxies. > > > > > > Hi Steve, > > > > > > Is it just a HTTP proxy (which possibly has a web proxy filter, like > > for > > > example ISA Server 2004, or a Squid / ASA implementation), or is it > > > capable > > > of HTTPS as well? > > > > > > Does it support Basic authentication or is it Windows Integrated > > (NTLM, > > > Kerberos, Negotiate)? > > > > > > Kind regards, > > > > > > Jeroen van Meeuwen > > > > > > -- > > > kanarip > > > > > > > -----Original Message----- > > > > From: Steve McLaughlin [mailto:Steve.McLaughlin@aggreko.co.uk] > > > > Sent: Wednesday, November 23, 2005 17:45 > > > > To: Richard Zaluski; Jason T. Hallahan; > > > security-basics@securityfocus.com; > > > pen- > > > > test@securityfocus.com > > > > Subject: Tunelling RDP traffic over HTTP proxies. > > > > > > > > Hi list, > > > > > > > > Does anyone know of any solutions for tunnelling RDP traffic > through > > > an > > > > HTTP proxy? > > > > > > > > Thanks in Advance, > > > > Steve > > > > > > > > Visit us at http://www.aggreko.com > > > > > > > > Confidentiality Notice: This communication and any accompanying > > > attachments > > > > contain confidential information intended for a specific > individual > > > and > > > purpose. > > > > This communication is private and protected by law. If you are > not > > > the > > > intended > > > > recipient, you are hereby respectfully notified that any > > disclosures, > > > copying, > > > > forwarding or distribution, or the taking of any action based on > the > > > contents of > > > > this communication is strictly prohibited. > > > > > > > > > > > > > > ___________________________________________________________________ > > > > __ > > > > This email has been scanned by the MessageLabs Email Security > > System. > > > > For more information please visit http://www.messagelabs.com/email > > > > > > > > > > ___________________________________________________________________ > > > > ___ > > > > > > > > > > > > ___________________________________________________________________ > > > ___ > > > > > > This email has been scanned by the MessageLabs Email Security > System. > > > > > > ___________________________________________________________________ > > > ___ > > > > > > Visit us at http://www.aggreko.com > > > > > > Confidentiality Notice: This communication and any accompanying > > attachments > > > contain confidential information intended for a specific individual > > and > > purpose. > > > This communication is private and protected by law. If you are not > > the > > intended > > > recipient, you are hereby respectfully notified that any > disclosures, > > copying, > > > forwarding or distribution, or the taking of any action based on the > > contents of > > > this communication is strictly prohibited. > > > > > > > > > ___________________________________________________________________ > > > __ > > > This email has been scanned by the MessageLabs Email Security > System. > > > For more information please visit http://www.messagelabs.com/email > > > > > > ___________________________________________________________________ > > > ___ > > > > > > > ___________________________________________________________________ > > ___ > > > > This email has been scanned by the MessageLabs Email Security System. > > > ___________________________________________________________________ > > ___ > > > > Visit us at http://www.aggreko.com > > > > Confidentiality Notice: This communication and any accompanying > attachments > > contain confidential information intended for a specific individual > and > purpose. > > This communication is private and protected by law. If you are not > the > intended > > recipient, you are hereby respectfully notified that any disclosures, > copying, > > forwarding or distribution, or the taking of any action based on the > contents of > > this communication is strictly prohibited. > > > > > ___________________________________________________________________ > > __ > > This email has been scanned by the MessageLabs Email Security System. > > For more information please visit http://www.messagelabs.com/email > > > ___________________________________________________________________ > > ___ > > > ___________________________________________________________________ > ___ > > This email has been scanned by the MessageLabs Email Security System. > ___________________________________________________________________ > ___ > > Visit us at http://www.aggreko.com > > Confidentiality Notice: This communication and any accompanying attachments > contain confidential information intended for a specific individual and purpose. > This communication is private and protected by law. If you are not the intended > recipient, you are hereby respectfully notified that any disclosures, copying, > forwarding or distribution, or the taking of any action based on the contents of > this communication is strictly prohibited. > > ___________________________________________________________________ > __ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ___________________________________________________________________ > ___
- Previous message: Alessandro Bottonelli: "Re: ISO 17799"
- Maybe in reply to: Steve McLaughlin: "Tunelling RDP traffic over HTTP proxies."
- Next in thread: Steve McLaughlin: "RE: Tunelling RDP traffic over HTTP proxies."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
