LinuxQuestions.org


LT72884 01-12-2020 09:02 PM

nmap commands help
 
I am trying to test out something and I can't figure it out.

Basically, I want to have nmap send an ssh "packet" on port 5033 or a random port to a test machine. I'm not testing port blocking. I'm testing service/protocol blocking.

thanks

sevendogsbsd 01-12-2020 09:10 PM

Not sure if this is what you are looking for: https://nmap.org/book/scan-methods-connect-scan.html

LT72884 01-12-2020 09:21 PM

Quote:

Originally Posted by sevendogsbsd (Post 6077697)
Not sure if this is what you are looking for: https://nmap.org/book/scan-methods-connect-scan.html

Close. That scan still sends a tcp frame with a basic IP header destined for some port. If I use port 22, that tells nmap that most likely I'm scanning for ssh.

What I want to do is in the header file of the tcp frame, rather than it having a generic service, I want it to be specifically ssh in the header, destined for port 25565 or whatever port I choose.

The reason being, if my test system is doing things correctly, it will read the tcp header, see ssh as the service and block it regardless of the port number.

Turbocapitalist 01-12-2020 10:49 PM

You probably want scanssh instead. It will at least get the version of the SSH server you are connecting to.

Code:

scanssh -n 5033 -s ssh server.example.com;

However, I'm not sure how much of the SSH protocol it actually starts to use. You may have to use the SSH client itself and just attempt a connection.

Code:

ssh -p 5033 server.example.com true;
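
An added example, not part of the original posts: a Python probe that performs only the SSH identification exchange (RFC 4253, section 4.2) on an arbitrary port and reports how far it got, which gives the pass/drop output the thread is asking for. The names `probe_ssh`, `find_ssh_banner` and `CLIENT_ID` and the verdict labels are made up for this example, and it assumes the server sends its identification string right after the TCP connection opens, as OpenSSH does.

```python
import socket
import sys

# Constructed client identification string (format: RFC 4253, section 4.2).
CLIENT_ID = b"SSH-2.0-dpi_probe_example\r\n"

def find_ssh_banner(data):
    """Return the first complete line that starts with 'SSH-', else None."""
    for line in data.split(b"\n")[:-1]:  # last element is an unterminated fragment
        if line.startswith(b"SSH-"):
            return line.strip().decode("ascii", "replace")
    return None

def probe_ssh(host, port, timeout=5.0):
    """Try an SSH identification exchange; return (verdict, detail)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("tcp-refused", "RST on connect: port closed or rejected")
    except socket.timeout:
        return ("tcp-timeout", "no SYN/ACK: port filtered or host down")
    except OSError as exc:
        return ("tcp-error", str(exc))
    data = b""
    with sock:
        try:
            sock.sendall(CLIENT_ID)  # the bytes a DPI engine can match on
            while find_ssh_banner(data) is None and len(data) < 4096:
                chunk = sock.recv(256)
                if not chunk:
                    break
                data += chunk
        except socket.timeout:
            return ("silent-drop", "TCP connected, but no SSH banner came back")
        except ConnectionResetError:
            return ("reset", "TCP connected, then the connection was reset")
        except OSError as exc:
            return ("tcp-error", str(exc))
    banner = find_ssh_banner(data)
    if banner:
        return ("ssh-passed", banner)
    if data:
        return ("non-ssh-reply", repr(data[:60]))
    return ("closed", "peer closed without sending anything")

if __name__ == "__main__":
    # Usage: python3 probe.py server.example.com 5033
    print(probe_ssh(sys.argv[1], int(sys.argv[2])))
```

A `tcp-refused` or `tcp-timeout` verdict points at port-level filtering, while `silent-drop` or `reset` after a successful TCP connect is what protocol-level blocking would look like. Running it against the same sshd with and without the inspection device in the path separates the two cases.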

LT72884 01-12-2020 11:56 PM

Quote:

Originally Posted by Turbocapitalist (Post 6077725)
You probably want scanssh instead. It will at least get the version of the SSH server you are connecting to.

Code:

scanssh -n 5033 -s ssh server.example.com;

However, I'm not sure how much of the SSH protocol it actually starts to use. You may have to use the SSH client itself and just attempt a connection.

Code:

ssh -p 5033 server.example.com true;

Interesting. I will look this up. My goal is to see if the DPI via IDS/IPS is blocking the actual ssh protocol regardless of port.

I'm wanting some verbose output so I can kind of get the idea of what's going on.

Thanks for this tool. I am going to be looking it up now.

LT72884 01-13-2020 02:06 AM

OK, I just tried scanssh and it's not yielding the results I'm looking for. I don't even know if what I'm looking for exists, but I swear it did back in the day: being able to wrap the ssh protocol in another protocol to test DPI systems, or send raw ssh to a test firewall and see the output from the raw packet sender stating if the packets were dropped or passed.

I wonder if Wireshark will help me out. I could test something I know works, like a game server, then try ssh and see what the output is.

Turbocapitalist 01-13-2020 02:15 AM

Quote:

Originally Posted by LT72884 (Post 6077759)
being able to wrap the ssh protocol in another protocol to test DPI systems..

corkscrew can tunnel SSH over HTTP. The project web site shows only a blank page these days though it seems to still be in the latest repositories.

LT72884 01-13-2020 02:34 AM

Quote:

Originally Posted by Turbocapitalist (Post 6077767)
corkscrew can tunnel SSH over HTTP. The project web site shows only a blank page these days though it seems to still be in the latest repositories.

Hmmmmmm. So if I try corkscrew, and the ssh makes it through, then I know that the DPI is blocking the ssh protocol. Man, so much testing just to get something implemented. I have to get this working at home and then integrate Windows into the situation haha. I wish there was a USB TCP tunneling app that ran on Windows. That would solve another issue haha.

thanks for your help and time

Turbocapitalist 01-13-2020 02:36 AM

Windows applications are usually a weak copy of some original. So if you find the original you can do the tunneling. Maybe that would be stunnel which could tunnel SSH over TLS.

Running SSH over OpenVPN would be another option.

LT72884 01-13-2020 02:46 AM

Quote:

Originally Posted by Turbocapitalist (Post 6077775)
Windows applications are usually a weak copy of some original. So if you find the original you can do the tunneling. Maybe that would be stunnel which could tunnel SSH over TLS.

Running SSH over OpenVPN would be another option.


Oh, trust me, if I could do the VPN option I would, but sadly it won't run on a USB because it requires admin rights to install a dang driver or two.

I have vaguely heard of stunnel. I would like to research more about it, especially if I can get it to run off a USB on a PC with no admin rights haha.

LT72884 01-13-2020 12:48 PM

Quote:

Originally Posted by LT72884 (Post 6077780)
Oh, trust me, if I could do the VPN option I would, but sadly it won't run on a USB because it requires admin rights to install a dang driver or two.

I have vaguely heard of stunnel. I would like to research more about it, especially if I can get it to run off a USB on a PC with no admin rights haha.


No, this is not meant for a hit and run scenario. The USB tunnel is meant so clients, if they don't have their laptop, can still access the ssh server from a library or university PC when not given any admin rights at all.

sevendogsbsd 01-13-2020 01:21 PM

Your verbiage "usb tunnel" is misleading to me because USB is a hardware interface not a network protocol. Is your intention to get whatever you are trying to do to run on a USB thumb drive so it is portable? If so, then that makes sense.

LT72884 01-13-2020 02:01 PM

Quote:

Originally Posted by sevendogsbsd (Post 6077985)
Your verbiage "usb tunnel" is misleading to me because USB is a hardware interface not a network protocol. Is your intention to get whatever you are trying to do to run on a USB thumb drive so it is portable? If so, then that makes sense.

Lol, sorry, yes. A portable TCP tunneler that runs on USB. This way, persons can create a secure tunnel to the server from a Windows 10 machine at the university or library. We don't always have our laptops with us when going places, and on university or library PCs we don't have admin rights.

Turbocapitalist 01-13-2020 02:03 PM

What does Vista10 have in any way to do with GNU/Linux here?

sevendogsbsd 01-13-2020 02:04 PM

OP: better off asking in a Windows forum or seeing if there is a portable VPN that can be used on a thumb drive.


All times are GMT -5.