# HG changeset patch # User Oleksandr Gavenko # Date 1328797668 -7200 # Node ID 714121bcb5ef51d318afc10a8d519f6347f24f73 # Parent 53da16ba1897465cd174d21226082e26e867d8b6 Convert to RST syntax. diff -r 53da16ba1897 -r 714121bcb5ef port.rst --- a/port.rst Thu Feb 09 13:36:09 2012 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,92 +0,0 @@ --*- mode: outline; coding: utf-8; -*- - -* Port forwarding. - - $ ssh -L 8888:www.linuxhorizon.ro:80 user@computer -N - $ ssh -L 8888:www.linuxhorizon.ro:80 -L 110:mail.linuxhorizon.ro:110 \ - 25:mail.linuxhorizon.ro:25 user@computer -N - -The second example (see above) show you how to setup your ssh tunnel for web, pop3 -and smtp. It is useful to recive/send your e-mails when you don't have direct access -to the mail server. - -For the ASCII art and lynx browser fans here is illustrated the first example: - - +----------+<--port 22-->+----------+<--port 80-->o-----------+ - |SSH Client|-------------|ssh_server|-------------| host | - +----------+ +----------+ o-----------+ - localhost:8888 computer www.linuxhorizon.ro:80 - -* Port listening. - -Connect to a server: - - $ nc hostname port - -Be a server: - - $ nc -l -p port - -* Simple filetransfer. - -Serve a file: - - $ nc -l -p port < file - -Receive a file: - - $ nc hostname port > file - -* Filesystem cloning. - -Serve the filesystem: - - $ tar cOPp --same-owner / | nc -l -p port - -Receive the filesystem: - - $ nc -w3 hostname port | tar xPp - -* Disk cloning. - -Serve the disk image: - - $ dd if=/dev/hda | nc -l -p port - -Receive the image: - - $ nc -w3 hostname port | dd of=/dev/hda - -* Encrypted, compressed and IP restricted filetransfer. - -If combining encryption and compression, be sure to compress first then -encrypt when sending and reverse the order for receiving. Do not attempt to -encrypt then compress. Compression works by finding patterns which are -destroyed intentionally by the process of encryption. Also, though not -required, specifying the IP address of the host that will be transferring the -file is a good idea. 
- -Serving a compresssed, encrypted file from 192.168.0.1 to 192.168.0.2: - - $ gzip -c < file | openssl aes-128-cbc -e -k thispassword | nc -l 192.168.0.2 12345 - -Receiving, decrypting and decompressing that file: - - $ nc 192.168.0.1 12345 | openssl aes-128-cbc -d -k thispassword | gunzip -c > file - -* Scan with nmap. - -TODO - -* Scan with netcat. - - $ nc -v -w 2 -z hostname portrange - $ nc -v -w 2 -z hostname portlisting - -Where portrange is for example "10-20" to scan all ports between 10 and 20, -portlisting is for example 11,20,135 will scan these ports. - -I just tried this on windows xp, and the comma separated list of ports does -NOT work. Instead, use space separated list. eg: - - cmd> nc.exe -vv -w 2 -z www.example.com 20-25 79 80 110 137-139 443
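Review bot: The second port-forwarding example in the removed text has no `-L` before its third forward, `25:mail.linuxhorizon.ro:25`, so ssh will not parse it as a forward. Since this commit only changes syntax, the converted file is a good place to correct it to `-L 25:mail.linuxhorizon.ro:25` rather than carry the broken command over. In the encrypted file transfer section, both openssl commands pass the passphrase inline as `-k thispassword`, which exposes it in the process list and in shell history on both hosts. If these examples are kept in the RST version, consider reading the passphrase with `-pass file:` or `-pass env:` instead, and adding a sentence that `aes-128-cbc` by itself gives no integrity check on the received file. The listener there is written as `nc -l 192.168.0.2 12345` while every other example uses `nc -l -p port`; it would help to say which netcat variant each form is for. The "Scan with nmap." heading contains only TODO and could be dropped or filled in during the conversion.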