authorOleksandr Gavenko <gavenkoa@gmail.com>
Fri, 06 Feb 2009 11:04:35 +0200
changeset 28 6c01de88f39e
parent 27 99584256fa88
child 29 49654be6f3ec
child 30 dfe25e0fd9a2
port.rst
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/port.rst	Fri Feb 06 11:04:35 2009 +0200
@@ -0,0 +1,92 @@
+-*- outline -*-
+
+* Port forwarding.
+
+  $ ssh -L 8888:www.linuxhorizon.ro:80 user@computer -N
+  $ ssh -L 8888:www.linuxhorizon.ro:80 -L 110:mail.linuxhorizon.ro:110 \
+    25:mail.linuxhorizon.ro:25 user@computer -N
+
+The second example (see above) show you how to setup your ssh tunnel for web, pop3
+and smtp. It is useful to recive/send your e-mails when you don't have direct access
+to the mail server.
+
+For the ASCII art and lynx browser fans here is illustrated the first example:
+
+   +----------+<--port 22-->+----------+<--port 80-->o-----------+
+   |SSH Client|-------------|ssh_server|-------------|   host    |
+   +----------+             +----------+             o-----------+
+  localhost:8888              computer      www.linuxhorizon.ro:80
+
+* Port listening.
+
+Connect to a server:
+
+  $ nc hostname port
+
+Be a server:
+
+  $ nc -l -p port
+
+* Simple filetransfer.
+
+Serve a file:
+
+  $ nc -l -p port < file
+
+Receive a file:
+
+  $ nc hostname port > file
+
+* Filesystem cloning.
+
+Serve the filesystem:
+
+  $ tar cOPp --same-owner / | nc -l -p port
+
+Receive the filesystem:
+
+  $ nc -w3 hostname port | tar xPp
+
+* Disk cloning.
+
+Serve the disk image:
+
+  $ dd if=/dev/hda | nc -l -p port
+
+Receive the image:
+
+  $ nc -w3 hostname port | dd of=/dev/hda
+
+* Encrypted, compressed and IP restricted filetransfer.
+
+If combining encryption and compression, be sure to compress first then
+encrypt when sending and reverse the order for receiving. Do not attempt to
+encrypt then compress. Compression works by finding patterns which are
+destroyed intentionally by the process of encryption. Also, though not
+required, specifying the IP address of the host that will be transferring the
+file is a good idea.
+
+Serving a compresssed, encrypted file from 192.168.0.1 to 192.168.0.2:
+
+  $ gzip -c < file | openssl aes-128-cbc -e -k thispassword | nc -l 192.168.0.2 12345
+
+Receiving, decrypting and decompressing that file:
+
+  $ nc 192.168.0.1 12345 | openssl aes-128-cbc -d -k thispassword | gunzip -c > file
+
+* Scan with nmap.
+
+TODO
+
+* Scan with netcat.
+
+  $ nc -v -w 2 -z hostname portrange
+  $ nc -v -w 2 -z hostname portlisting
+
+Where portrange is for example "10-20" to scan all ports between 10 and 20,
+portlisting is for example 11,20,135 will scan these ports.
+
+I just tried this on windows xp, and the comma separated list of ports does
+NOT work. Instead, use space separated list. eg:
+
+  cmd> nc.exe -vv -w 2 -z www.example.com 20-25 79 80 110 137-139 443
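Review bot: the second ssh example is broken as written: the continuation line `25:mail.linuxhorizon.ro:25 user@computer -N` is missing its `-L`, so ssh will parse `25:mail.linuxhorizon.ro:25` as the destination host instead of a third forward; it should read `-L 25:mail.linuxhorizon.ro:25`. Also worth a sentence there: binding local ports 110 and 25 needs root, since they are below 1024. In the "Encrypted, compressed and IP restricted" section the IP restriction does not do what the prose promises: with traditional netcat the peer filter is `nc -l -p 12345 192.168.0.2`, while with OpenBSD-derived nc the host after `-l` is the local bind address, so `nc -l 192.168.0.2 12345` on 192.168.0.1 simply fails to bind and restricts nothing; a host firewall rule is the dependable way to limit who may connect. Same section, `-k thispassword` puts the secret on the command line where it shows up in `ps` output and shell history for every user on the box; `openssl enc` accepts `-kfile file` or `-pass file:...` instead, and the file should be readable only by the user running the transfer. It is also worth stating in the text that every other recipe here (file, filesystem and disk cloning) is plaintext and unauthenticated: the listening `nc` hands the data to whoever connects first, so on anything but an isolated segment the ssh tunnel from the first section should wrap them. Minor: `nc -l -p port` is the traditional netcat spelling; OpenBSD nc expects `nc -l port` and may reject `-p` combined with `-l`, so a note on which netcat the recipes target would save readers a confusing error. The "Scan with nmap" section is a bare TODO and should either get content or be dropped before this lands, and the prose has a few typos (recive, compresssed, "show you" for "shows you", filetransfer).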