port.rst
author Oleksandr Gavenko <gavenkoa@gmail.com>
Thu, 09 Feb 2012 13:36:09 +0200
changeset 1238 53da16ba1897
parent 899 7b4265c8d324
permissions -rw-r--r--

-*- mode: outline; coding: utf-8; -*-

* Port forwarding.

  $ ssh -L 8888:www.linuxhorizon.ro:80 user@computer -N
  $ ssh -L 8888:www.linuxhorizon.ro:80 -L 110:mail.linuxhorizon.ro:110 \
    -L 25:mail.linuxhorizon.ro:25 user@computer -N

The second example (see above) shows how to set up one ssh tunnel for web, pop3
and smtp. It is useful to receive/send your e-mails when you don't have direct
access to the mail server. Binding local ports below 1024 (110 and 25 here)
requires root; -N tells ssh to open no remote shell and only forward the ports.

For ASCII art and lynx browser fans, here is the first example illustrated:

   +----------+<--port 22-->+----------+<--port 80-->+-----------+
   |SSH Client|-------------|ssh_server|-------------|   host    |
   +----------+             +----------+             +-----------+
  localhost:8888              computer      www.linuxhorizon.ro:80

* Port listening.

Connect to a server:

  $ nc hostname port

Be a server (traditional netcat syntax, used throughout these notes; OpenBSD
netcat takes the port without -p, as in "nc -l port"):

  $ nc -l -p port

* Simple filetransfer.

Serve a file:

  $ nc -l -p port < file

Receive a file:

  $ nc hostname port > file

* Filesystem cloning.

Serve the filesystem:

  $ tar cOPp --same-owner / | nc -l -p port

Receive the filesystem:

  $ nc -w3 hostname port | tar xPp

* Disk cloning.

Serve the disk image (the source disk should not be mounted while it is read,
otherwise the copy will be inconsistent):

  $ dd if=/dev/hda | nc -l -p port

Receive the image:

  $ nc -w3 hostname port | dd of=/dev/hda

* Encrypted, compressed and IP restricted filetransfer.

If combining encryption and compression, be sure to compress first and then
encrypt when sending, and reverse the order when receiving. Do not encrypt and
then compress: compression works by finding patterns, and encryption
deliberately destroys them, so the ciphertext will not shrink. Also, though not
required, restricting the listener to the IP address of the host that will
fetch the file is a good idea.

Serving a compressed, encrypted file from 192.168.0.1 to 192.168.0.2 (with
traditional netcat, a host given after "-l -p port" is the only peer the
listener accepts a connection from):

  $ gzip -c < file | openssl aes-128-cbc -e -k thispassword | nc -l -p 12345 192.168.0.2

Receiving, decrypting and decompressing that file:

  $ nc 192.168.0.1 12345 | openssl aes-128-cbc -d -k thispassword | gunzip -c > file

Two caveats: a password given with -k is visible to every local user in the
process list and ends up in the shell history, so prefer reading it from a file
(-kfile file or -pass file:path); and OpenSSL 1.1.1 and later warn that the
default key derivation is deprecated, so add -pbkdf2 on both ends (the option
must match on the sending and receiving side).
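As an added example, not from these notes: a small POSIX shell script that measures both orders (compress-then-encrypt versus encrypt-then-compress) on a constructed sample file and round-trips the sending pipeline above through the receiving pipeline, with a plain pipe standing in for the nc connection. It assumes gzip and an OpenSSL new enough for -pbkdf2 (1.1.1 or later); the password thispassword is the placeholder from the notes.

```sh
#!/bin/sh
# Added example (not from the original notes): shows why the notes say
# "compress first, then encrypt". Assumes gzip and an OpenSSL with the
# -pbkdf2 option (1.1.1 or later); "thispassword" is the placeholder
# password reused from the notes.

PASS=thispassword
CIPHER="openssl enc -aes-128-cbc -pbkdf2 -pass pass:$PASS"

# Build a highly compressible sample file (constructed: 2048 copies of
# one 44-byte line, about 88 KiB) and print its path.
make_sample() {
    f=$(mktemp)
    i=0
    while [ "$i" -lt 2048 ]; do
        echo "the quick brown fox jumps over the lazy dog" >> "$f"
        i=$((i + 1))
    done
    printf '%s' "$f"
}

# Byte count of the stream produced by the notes' sending pipeline:
# compress, then encrypt.
size_compress_then_encrypt() {
    gzip -c < "$1" | $CIPHER -e | wc -c | tr -d ' '
}

# Byte count when the order is reversed: the ciphertext has no patterns
# left for gzip to find, so this stays close to the plaintext size.
size_encrypt_then_compress() {
    $CIPHER -e < "$1" | gzip -c | wc -c | tr -d ' '
}

# Full round trip: send as the notes do (gzip, then encrypt) and receive
# in reverse order (decrypt, then gunzip). Prints "ok" only if the
# result is byte-identical to the input.
roundtrip() {
    gzip -c < "$1" | $CIPHER -e | $CIPHER -d | gunzip -c | cmp -s - "$1" && echo ok
}

if [ "${1:-}" = "demo" ]; then
    s=$(make_sample)
    echo "compress->encrypt: $(size_compress_then_encrypt "$s") bytes"
    echo "encrypt->compress: $(size_encrypt_then_compress "$s") bytes"
    roundtrip "$s"
    rm -f "$s"
fi
```

Run it with the argument "demo" to see the two sizes side by side; the compress-then-encrypt stream is a few hundred bytes, the reversed order stays above the plaintext size.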

* Scan with nmap.

TODO

* Scan with netcat.

  $ nc -v -w 2 -z hostname portrange
  $ nc -v -w 2 -z hostname portlisting

Where portrange is for example "10-20", which scans all ports between 10 and
20, and portlisting is for example "11,20,135", which scans just those ports.
-z sends no data and only reports whether each port accepts a connection, and
-w 2 gives up on a port after two seconds.

I just tried this on Windows XP, and the comma-separated list of ports does
NOT work. Instead, use a space-separated list, e.g.:

  cmd> nc.exe -vv -w 2 -z www.example.com 20-25 79 80 110 137-139 443