Tunnelling nntp
From: Lisa Becktold {CADIG STAFF} (lisa_at_cadig2.usna.navy.mil)
Date: 06/20/03
Date: 20 Jun 2003 17:13:52 -0400
Hi:
I have been told that my incoming Internet News feed (nntp/port 119) must
be tunnelled over ssh. Port 119 will be shut down at the firewall;
the only way I can get a newsfeed is if my remote news server tunnels
the newsfeed through ssh to get through our firewall and to my news server.
So now I am trying to tunnel nntp over ssh. Once I figure it out,
I will have to ask my remote news server if he will consider
implementing the same thing.
I have set up a test scenario between two local news servers within
our firewall. One news server (server1) is the newsfeed; it's
batching up article files for another news server (server2). Server1
runs nntpsend to transfer the files to server2.
*****************************************************************
NOTE: In the "real" world, outside the test scenario, a remote news
server is my actual newsfeed. That remote server will have to tunnel the
feed through ssh to get through our firewall and reach my news server.
Server1 is standing in for that remote news server in my test scenario.
Whatever I implement on server1 will have to be implemented on the
remote news server.
*****************************************************************
I need a sanity check! My understanding of ssh tunnelling may be
simplistic or downright wrong. Here's what I'm doing:
On server1, I type this command:
/usr/local/bin/ssh -v -L 3002:localhost:119 server2
I'm assuming (perhaps incorrectly) that:
. nntp traffic on server1 is now routed to local port 3002;
. ssh encrypts traffic going to 3002 and sends it through the
ssh connection to the remote machine (server2)
. The "remote" machine, server2, receives the data
sent over the ssh connection, decrypts it and sends it
to port 119 on server2
. Any status info that server2 generates is sent
from 119 to ssh, and routed back to server1 via the ssh
connection. Once the status info reaches server1, it is
decrypted and sent to port 3002.
Is this correct? Or have I misunderstood?
Now for some port checking... After typing the ssh command above, I type
"netstat -a" on server1 to check port 3002, and see this entry:
*.3002 *.* 0 0 0 0 LISTEN
I'm assuming that I can now route nntp traffic from server1 (the newsfeed)
to server2 through ssh. On server1, I type:
nntpsend -d
This actually sends the news articles, but I'm not sure they're being routed
via port 3002 or ssh. When I look at "snoop" output, the only reference
I see is to NNTP port 33250.
# snoop server1
Using device /dev/hme (promiscuous mode)
server1 -> server2 NNTP C port=33250
server2 -> server1 NNTP R port=33250
server1 -> server2 NNTP C port=33250
server2 -> server1 NNTP R port=33250 200 server2
server1 -> server2 NNTP C port=33250
server1 -> server2 NNTP C port=33250 mode stream\r\n
server2 -> server1 NNTP R port=33250
server2 -> server1 NNTP R port=33250 203 StreamOK.\r\n
How do I ensure that an outside server tunnels through ssh to reach
me? What are the commands that need to be executed? And how do
I verify that the traffic is indeed going through the ssh port?
Any clarification or advice would be much appreciated!!!!!
Lisa
--
----------------------------------------------------------
Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480
United States Naval Academy - CADIG
590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000
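Added example (not part of the original message): a Python check over snoop summary lines that reports whether packets between the two news servers show up as decoded NNTP, meaning they crossed the wire outside the ssh connection, or only as TCP on the ssh port. The first sample is the capture from the message; the second is constructed, and its `TCP D=... S=...` line layout, port 22 for ssh, and the names `classify` and `audit` are assumptions.

```python
import re

# snoop summary line as shown in the message: "src -> dst PROTO details"
LINE = re.compile(r"^(\S+)\s+->\s+(\S+)\s+(\S+)\s*(.*)$")
# Capture copied from the message above.
PAGE_CAPTURE = r"""# snoop server1
Using device /dev/hme (promiscuous mode)
server1 -> server2 NNTP C port=33250
server2 -> server1 NNTP R port=33250
server1 -> server2 NNTP C port=33250
server2 -> server1 NNTP R port=33250 200 server2
server1 -> server2 NNTP C port=33250
server1 -> server2 NNTP C port=33250 mode stream\r\n
server2 -> server1 NNTP R port=33250
server2 -> server1 NNTP R port=33250 203 StreamOK.\r\n
"""
# Constructed sample (assumed layout for undecoded TCP): feed carried inside ssh.
CONSTRUCTED_TUNNEL = """server1 -> server2 TCP D=22 S=33251 Ack=1 Seq=1 Len=48
server2 -> server1 TCP D=33251 S=22 Ack=49 Seq=1 Len=48
"""

def classify(line, ssh_port=22):
    """Return (src, dst, kind) for a packet line, or None for anything else."""
    m = LINE.match(line.strip())
    if not m:
        return None
    src, dst, proto, rest = m.groups()
    if proto == "NNTP":  # snoop decoded the payload, so it was not encrypted
        return src, dst, "cleartext-nntp"
    ports = {int(p) for p in re.findall(r"\b[DS]=(\d+)", rest)}
    if proto == "TCP" and ssh_port in ports:
        return src, dst, "ssh"
    return src, dst, "other"

def audit(capture, feeder, receiver):
    """Verdict for traffic between the two hosts, plus per-kind packet counts."""
    counts = {"cleartext-nntp": 0, "ssh": 0, "other": 0}
    for line in capture.splitlines():
        hit = classify(line)
        if hit and {hit[0], hit[1]} == {feeder, receiver}:
            counts[hit[2]] += 1
    if counts["cleartext-nntp"]:
        return "BYPASS", counts      # NNTP visible on the wire
    if counts["ssh"]:
        return "TUNNELLED", counts   # only ssh seen between the pair
    return "NO-TRAFFIC", counts

if __name__ == "__main__":
    print(audit(PAGE_CAPTURE, "server1", "server2"), audit(CONSTRUCTED_TUNNEL, "server1", "server2"))
```

A TUNNELLED verdict only shows that no decoded NNTP was seen between the pair; it does not identify what the ssh session carried.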