LinuxQuestions.org
Old 02-21-2011, 01:32 PM   #1
L!NuS
LQ Newbie
 
Registered: Apr 2009
Location: Arab Nation
Distribution: Debian Lenny,Redhat el5
Posts: 16

Rep: Reputation: 0
Question bypass squid via ssh and http tunnel


Hello there! I'm a computer science student and I'm doing my graduation project. It's about tunneling traffic through a restrictive proxy/firewall. I decided to make the project about bypassing a Squid cache server via tunneling, and here is my approach: since SSH v2 has the capability to do dynamic port forwarding by establishing a SOCKS proxy as follows:

ssh -D 9090 user@SomeRemoteServerIP
we can make an encrypted tunnel through the firewall. But what if the proxy server blocks any connection to any port except port 80? Yes, I hear someone say, just change the port that sshd is listening on on the server side to port 80. Now, what about if the proxy server at the university or the company is smart enough to inspect the content of the packet, not just the source and destination ports? What if the proxy server even blocks the "connect" http method? Now, my question is: is it possible for this to be a graduation project? What is the right method to accomplish this correctly? What is the time frame it will take to be ready? And what is the programming language that can do the job quickly, since I have knowledge of Ruby, Java, C# and C? What is the language that has the power to do the job without getting involved in time-wasting debugging issues?

Thanks in advance.
 
Old 02-21-2011, 03:09 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
I don't really see what you'd be trying to achieve out of this. If a web proxy is going so far as to do inspection, then it's going to be much happier permitting an HTTPS CONNECT than arbitrary binary data; indeed, the very point of a CONNECT is to allow a private data connection that it doesn't need to look at, but do it gracefully and with permission. You asked "what if the proxy server even blocks the "connect" http method?" Well, that's where you need to start asking yourself questions, not stop... IF there is something to this then it's probably behind this. So.... what if they do??
 
Old 02-22-2011, 12:59 PM   #3
damade
LQ Newbie
 
Registered: Feb 2011
Distribution: Red hat, Solaris, AIX, HP-UX, FreeBSD
Posts: 15

Rep: Reputation: 2
what about if the proxy server at the university or the company is smart enough to inspect the content of the packet, not just the source and destination ports?

Squid doesn't inspect the content.
It just gives you the connect method and lets the data flow freely.


what if the proxy server even blocks the "connect" http method?

If Squid doesn't allow the connect method, no tunneling is possible.

By default Squid allows the connect method only to the safe_ports (443).

These kinds of tools have already been published
and are available for download. Google it.

salu2
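
An added example, not part of the original thread or any poster's code: seen from the proxy administrator's side, the CONNECT behaviour discussed above shows up in Squid's native-format access.log, and this Python script flags CONNECT entries that were denied, reached a port other than 443, or stayed open unusually long. The sample log lines, the thresholds and all function names are constructed assumptions.

```python
from collections import namedtuple

ALLOWED_CONNECT_PORTS = {443}    # assumption: site policy permits CONNECT to 443 only
LONG_TUNNEL_MS = 30 * 60 * 1000  # assumption: 30-minute review threshold, tune per site

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
1298400001.101     412 192.0.2.10 TCP_MISS/200 5120 GET http://example.org/ - DIRECT/198.51.100.7 text/html
1298400002.202    8450 192.0.2.11 TCP_MISS/200 20480 CONNECT mail.example.org:443 - DIRECT/198.51.100.8 -
1298400003.303       2 192.0.2.12 TCP_DENIED/403 1500 CONNECT host.example.net:22 - NONE/- text/html
1298400004.404 5400000 192.0.2.13 TCP_MISS/200 90000000 CONNECT host.example.net:443 - DIRECT/198.51.100.9 -
1298400005.505    3000 192.0.2.14 TCP_MISS/200 7000 CONNECT host.example.net:8443 - DIRECT/198.51.100.9 -
truncated line
"""

Finding = namedtuple("Finding", "client target reason")

def parse_line(line):
    """Parse one native-format line; return None if it is malformed."""
    parts = line.split()
    if len(parts) < 7 or not parts[1].isdigit():
        return None
    # Fields: time elapsed(ms) client action/status bytes method URL ...
    return {"elapsed_ms": int(parts[1]), "client": parts[2],
            "action": parts[3].split("/")[0], "method": parts[5], "url": parts[6]}

def connect_findings(lines):
    """Return the CONNECT entries that deserve a second look."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["method"] != "CONNECT":
            continue
        port = rec["url"].rpartition(":")[2]  # CONNECT targets are logged as host:port
        if rec["action"] == "TCP_DENIED":
            reason = "denied CONNECT attempt"
        elif not port.isdigit() or int(port) not in ALLOWED_CONNECT_PORTS:
            reason = "CONNECT permitted to a port outside policy"
        elif rec["elapsed_ms"] >= LONG_TUNNEL_MS:
            reason = "long-lived tunnel"
        else:
            continue
        findings.append(Finding(rec["client"], rec["url"], reason))
    return findings

if __name__ == "__main__":
    for f in connect_findings(SAMPLE_LOG.splitlines()):
        print(f)
```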
 
Old 02-22-2011, 03:23 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
Yes but there are plenty of other proxy servers which behave in different ways. Squids are not the only fruit.
 
Old 02-22-2011, 05:56 PM   #5
L!NuS
LQ Newbie
 
Registered: Apr 2009
Location: Arab Nation
Distribution: Debian Lenny,Redhat el5
Posts: 16

Original Poster
Rep: Reputation: 0
Guys, there is something that you have not mentioned yet. What about using the usual HTTP GET & POST methods to tunnel through the proxy server? I mean that we can send our maybe encrypted data via GET and POST, then the proxy server won't be able to inspect anything!
Sure, on the server side there must be an HTTP server of our own to decapsulate the data and forward it to the right destination, then send it back encrypted to our client that is located behind the proxy server.
 
Old 02-22-2011, 09:38 PM   #6
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141

Rep: Reputation: 168
Are you talking about something like corkscrew?
 
Old 02-23-2011, 02:53 AM   #7
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
Quote:
Originally Posted by L!NuS View Post
Guys, there is something that you have not mentioned yet. What about using the usual HTTP GET & POST methods to tunnel through the proxy server? I mean that we can send our maybe encrypted data via GET and POST, then the proxy server won't be able to inspect anything!
Sure, on the server side there must be an HTTP server of our own to decapsulate the data and forward it to the right destination, then send it back encrypted to our client that is located behind the proxy server.
Things we have not mentioned yet? Pardon? I'm asking you to mention things. You've not said enough to establish a project at all, merely the thought from which you should then be establishing your proposal.
 
Old 02-23-2011, 06:08 AM   #8
damade
LQ Newbie
 
Registered: Feb 2011
Distribution: Red hat, Solaris, AIX, HP-UX, FreeBSD
Posts: 15

Rep: Reputation: 2
Quote:
Originally Posted by L!NuS View Post
Guys, there is something that you have not mentioned yet. What about using the usual HTTP GET & POST methods to tunnel through the proxy server? I mean that we can send our maybe encrypted data via GET and POST, then the proxy server won't be able to inspect anything!
Sure, on the server side there must be an HTTP server of our own to decapsulate the data and forward it to the right destination, then send it back encrypted to our client that is located behind the proxy server.

Mmm... it seems very difficult.
You would need a "special" client and a "special" server.
Besides, if you are trying to pass data as parameters of POST, the permitted length is very short.

The connect method is a MUST.
 
Old 02-23-2011, 04:08 PM   #9
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
Quote:
Originally Posted by damade View Post
Mmm... it seems very difficult.
You would need a "special" client and a "special" server.
Besides, if you are trying to pass data as parameters of POST, the permitted length is very short.

The connect method is a MUST.
Well, I guess it depends on what you're trying to achieve. There are ways to tunnel in all sorts of protocols, e.g. UDP DNS, but you've got to be pretty desperate to want to use it. Sometimes though, needs must.
 
Old 02-24-2011, 02:25 AM   #10
L!NuS
LQ Newbie
 
Registered: Apr 2009
Location: Arab Nation
Distribution: Debian Lenny,Redhat el5
Posts: 16

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by gilead View Post
Are you talking about something like corkscrew?
I think, yes, it is like corkscrew, but I don't know how that program works. Additionally, I tested it a month ago in the environment that I will implement my project on and it didn't work! Recently, I asked the IT staff at my university about that and they answered me that there is something like a hardware firewall beside the Squid cache, and Squid isn't the one responsible for packet content inspection, just like some of you have mentioned in previous replies. Now, is it still possible to make such a project now that you know about the hardware firewall? If yes, then what are the methods to do it?
Finally, please, if any of you guys have other suggestions or ideas about a project in the "penetration testing or security area", I hope that you can share them with me as fast and precisely as you can.
Thanks in advance.
 
Old 02-24-2011, 02:31 AM   #11
L!NuS
LQ Newbie
 
Registered: Apr 2009
Location: Arab Nation
Distribution: Debian Lenny,Redhat el5
Posts: 16

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by damade View Post
Mmm... it seems very difficult.
You would need a "special" client and a "special" server.
Besides, if you are trying to pass data as parameters of POST, the permitted length is very short.

The connect method is a MUST.
Then, after I mentioned in my recent post that I knew that there is a hardware firewall, are there any solutions, ideas or suggestions? If you have other ideas about a project related to penetration testing or security, then please supply me with them.

Thanks!
 
Old 02-24-2011, 02:34 AM   #12
L!NuS
LQ Newbie
 
Registered: Apr 2009
Location: Arab Nation
Distribution: Debian Lenny,Redhat el5
Posts: 16

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by acid_kewpie View Post
Well, I guess it depends on what you're trying to achieve. There are ways to tunnel in all sorts of protocols, e.g. UDP DNS, but you've got to be pretty desperate to want to use it. Sometimes though, needs must.
Then, supply me with another idea related to the penetration testing or security fields, if it is difficult to achieve such a thing.

Thanks!
 
  

