.. -*- coding: utf-8; -*-

===============
 Network port.
===============

.. contents::
   :local:

Port forwarding.
================

::

  $ ssh -L 8888:www.linuxhorizon.ro:80 user@computer -N
  $ ssh -L 8888:www.linuxhorizon.ro:80 -L 110:mail.linuxhorizon.ro:110 \
        -L 25:mail.linuxhorizon.ro:25 user@computer -N

The second example (see above) shows how to set up an SSH tunnel for web, POP3
and SMTP. It is useful for receiving and sending e-mail when you don't have
direct access to the mail server.

For the ASCII art and lynx browser fans, here is the first example illustrated::

  +----------+<--port 22-->+----------+<--port 80-->o-----------+
  |SSH Client|-------------|ssh_server|-------------|   host    |
  +----------+             +----------+             o-----------+
  localhost:8888              computer       www.linuxhorizon.ro:80

Reverse SSH Tunneling.
======================

Have you ever wanted to ssh to your Linux box that sits behind NAT? Now you can
with reverse SSH tunneling. This document will show you step by step how to set
up reverse SSH tunneling. Reverse SSH tunneling should work fine on Unix-like
systems.

Let's assume that Destination's IP is 192.168.20.55 (the Linux box that you want
to access). You want to access it from a Linux client with IP 138.47.99.99::

  Destination (192.168.20.55) <- NAT <- Source (138.47.99.99)

SSH from the destination to the source (with public IP) using the command
below::

  $ ssh -R 19999:localhost:22 sourceuser@138.47.99.99

Port 19999 can be any unused port. Now you can SSH from source to destination
through the SSH tunnel::

  $ ssh localhost -p 19999

Third-party servers can also access 192.168.20.55 through Source
(138.47.99.99)::

  Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99) <- Bob's server

From Bob's server::

  $ ssh sourceuser@138.47.99.99

After the successful login to Source::

  $ ssh localhost -p 19999

The connection between destination and source must be alive at all times. Tip:
you may run a command (e.g. watch, top) on Destination to keep the connection
active.

Port listening.
===============

Connect to a server::

  $ nc hostname port

Be a server::

  $ nc -l -p port

Simple filetransfer.
====================

Serve a file::

  $ nc -l -p port < file

Receive a file::

  $ nc hostname port > file

Filesystem cloning.
===================

Serve the filesystem::

  $ tar cOPp --same-owner / | nc -l -p port

Receive the filesystem::

  $ nc -w3 hostname port | tar xPp

Disk cloning.
=============

Serve the disk image::

  $ dd if=/dev/hda | nc -l -p port

Receive the image::

  $ nc -w3 hostname port | dd of=/dev/hda

Encrypted, compressed and IP restricted filetransfer.
=====================================================

If combining encryption and compression, be sure to compress first and then
encrypt when sending, and reverse the order when receiving. Do not attempt to
encrypt and then compress: compression works by finding patterns, which
encryption intentionally destroys. Also, though not required, specifying the IP
address of the host that will be transferring the file is a good idea.

Serving a compressed, encrypted file from 192.168.0.1 to 192.168.0.2::

  $ gzip -c < file | openssl aes-128-cbc -e -k thispassword | nc -l 192.168.0.2 12345

Receiving, decrypting and decompressing that file::

  $ nc 192.168.0.1 12345 | openssl aes-128-cbc -d -k thispassword | gunzip -c > file

Scan with nmap.
===============

::

  $ nmap HOSTNAME

Scan with netcat.
=================

::

  $ nc -v -w 2 -z hostname portrange
  $ nc -v -w 2 -z hostname portlisting

Where portrange is, for example, "10-20" to scan all ports between 10 and 20,
and portlisting is, for example, "11,20,135", which scans just these ports.

I just tried this on Windows XP, and the comma-separated list of ports does
NOT work. Instead, use a space-separated list, e.g.::

  cmd> nc.exe -vv -w 2 -z www.example.com 20-25 79 80 110 137-139 443
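
The ordering rule from the section "Encrypted, compressed and IP restricted filetransfer" can be checked locally with the script below, which is an added example and not part of the original page. It assumes gzip and OpenSSL 1.1.1 or later; the function names, the ``XFER_PASS`` variable and the sample data are constructed for illustration, and the ``-pbkdf2`` and ``-pass env:`` options replace the page's ``-k`` argument.

```shell
#!/bin/sh
# Added example: compare the two orderings of gzip and openssl from the section
# above. Assumes gzip and OpenSSL 1.1.1+ (for -pbkdf2); the nc hop is left out.
# The passphrase comes from an environment variable (-pass env:) so that it is
# not visible in the process list the way a -k argument is.
XFER_PASS='constructed-demo-passphrase'   # sample value, not a real secret
export XFER_PASS

enc() { openssl aes-128-cbc -e -pbkdf2 -pass env:XFER_PASS; }
dec() { openssl aes-128-cbc -d -pbkdf2 -pass env:XFER_PASS; }

# Constructed sample input: 2000 identical log-style lines (114000 bytes).
make_sample() {
    n=0
    while [ "$n" -lt 2000 ]; do
        echo "GET /index.html HTTP/1.1 host=www.example.com status=200"
        n=$((n + 1))
    done
}

# Bytes that would go on the wire for each ordering.
size_compress_then_encrypt() { gzip -c < "$1" | enc | wc -c | tr -d ' '; }
size_encrypt_then_compress() { enc < "$1" | gzip -c | wc -c | tr -d ' '; }

# Sender and receiver pipelines joined directly; prints the recovered file.
round_trip() { gzip -c < "$1" | enc | dec | gunzip -c; }

demo() {
    sample=$(mktemp)
    make_sample > "$sample"
    echo "plaintext:             $(wc -c < "$sample" | tr -d ' ') bytes"
    echo "compress then encrypt: $(size_compress_then_encrypt "$sample") bytes"
    echo "encrypt then compress: $(size_encrypt_then_compress "$sample") bytes"
    if round_trip "$sample" | cmp -s - "$sample"; then
        echo "round trip:            OK"
    fi
    rm -f "$sample"
}

demo
```

The encrypt-then-compress stream stays about as large as the plaintext because the ciphertext has no patterns left for gzip to find. ``openssl enc`` in CBC mode does not authenticate the data, so a transfer that must detect tampering needs a separate integrity check.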