LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-30-2009, 01:53 PM   #1
CoffeeKing!!!
Member
 
Registered: Mar 2008
Posts: 117

Rep: Reputation: Disabled
Can I hide the ip address and port of my sshd connection?


Hi
When using lsof -i on my server, I can can get the IP address and port number of a clients ssh connection. Is there a way that the client could avoid giving up this information without using proxies?
 
Old 07-30-2009, 02:04 PM   #2
karamarisan
Member
 
Registered: Jul 2009
Location: Illinois, US
Distribution: Fedora 11
Posts: 374

Rep: Reputation: 55
Not really. How would your ssh server know where to send the packets that make up its half of the connection if it didn't know the IP and port from which the client was connecting?
 
Old 08-09-2009, 11:58 AM   #3
akiku
Member
 
Registered: Jun 2009
Distribution: Slackware
Posts: 62

Rep: Reputation: 17
Quote:
Originally Posted by karamarisan View Post
Not really. How would your ssh server know where to send the packets that make up its half of the connection if it didn't know the IP and port from which the client was connecting?
Actually there is, by using Tor. See http://www.debianadmin.com/tag/ssh-tor-anonymous
 
Old 08-09-2009, 06:26 PM   #4
karamarisan
Member
 
Registered: Jul 2009
Location: Illinois, US
Distribution: Fedora 11
Posts: 374

Rep: Reputation: 55
You're not considering Tor a proxy?
 
Old 08-09-2009, 07:31 PM   #5
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
Tor won't hide it. It will obfuscate it. If you did this from a workplace environment, it would stand out. We usually watch for all Tor and even SSH connections, even on non-standard ports. Tor is an anonymizer, but it won't hide any service ports. You can't hide any service ports that you want open to client software, but you can harden them. There's a forum sticky on hardening the SSH service at http://www.linuxquestions.org/questi...tempts-340366/. and be careful, because most corporate policy frown upon using SSH to connect out of their networks. Some even terminate people for doing this. It is much harder to hide than you think (I've tried and been reported). For some people, this may not hinder them, but in the US economy, this is a bad time to be getting fired.

Just my 2 cents.

Last edited by unixfool; 08-09-2009 at 07:39 PM.
 
Old 08-09-2009, 07:40 PM   #6
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
Quote:
Originally Posted by karamarisan View Post
You're not considering Tor a proxy?
LOL. I was thinking the same thing.
 
Old 08-09-2009, 07:45 PM   #7
akiku
Member
 
Registered: Jun 2009
Distribution: Slackware
Posts: 62

Rep: Reputation: 17
Evidently I skipped over that prerequisite.
CoffeeKing!!!, is there a particular reason you need to avoid using a proxy?
Tor is specifically designed to do what you want.
 
Old 08-10-2009, 02:06 PM   #8
CoffeeKing!!!
Member
 
Registered: Mar 2008
Posts: 117

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by akiku View Post
Evidently I skipped over that prerequisite.
CoffeeKing!!!, is there a particular reason you need to avoid using a proxy?
Tor is specifically designed to do what you want.
I don't want to avoid using a proxy, I was just wondering if ssh or linux had some built in ways to connect a ssh session without giving up port and ip addr info. I was exploring lsof and seeing that information grabbed my curiosity. I didn't even know that Tor and ssh could be used together. I'm glad that I asked my original question here and have gotten all this info. Thanks for taking the time to answer, folks.

Last edited by CoffeeKing!!!; 08-10-2009 at 02:09 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
RSH connect to address 192.168.1.xxx port 544: Connection refused Permission denied chackercon Linux - Networking 8 04-23-2009 02:06 AM
Hide HW address ebasi Linux - Security 6 08-16-2006 03:06 AM
Hide my ip address Richie55 Linux - General 5 01-31-2006 03:41 PM
How to hide IP Address swiftsage Fedora 3 09-02-2005 12:05 PM
hide ip address treotan Linux - Networking 2 08-02-2004 08:02 AM


All times are GMT -5. The time now is 11:40 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration