samer Posted April 7, 2010 Share Posted April 7, 2010 (edited) Hi all... Well i have a simple problem. environment layout. home: PC, ADSL and a public ip - all good. work: my own pc, conected to the server farms via the corporate network , and all that behind a lot of firewalls, ids, ips's and similar (me not connecting from out) stuff :) the prob. : 1) Well team viewer and log me in work just fine but i tend to get those "you are violating corporate policy" mail so next step... 2) from hack 5 i got a lot info on ssh and tunneling but non of them incorporates a vpn or something like that, I can create a ssh connection to my home pc but i ne to get IN FROM MY HOME PC to my WORK pc(cant do it without a public ip) So i guess i need a solution something like... a need some type of SSL encrypted(for anyone analyzing the packet not to figure out or be able to prove what i am doing) vpn (to be abel to be in the same network as my work pc so i can telent to it and from it to the servers) and all that i suppose would have to go through a port 80 or 8080 as not to be blocked by the firewall :) Finlay:So it would / should look like my WORK PC is connecting to a SSL. site(for example i am checking my bank statement :) ) but in fact it is always connecting (and if the connection is broken reconnecting) to my HOME PC and letting me tunnel/telnet/ssh to it to gain access to my Corp. Env. and i have to be sure that no one can analyze/prove that i am remote accessing the network. SO what do you guys think ...??? all the best. Edited April 7, 2010 by samer Quote Link to comment Share on other sites More sharing options...
Netshroud Posted April 7, 2010 Share Posted April 7, 2010 (edited) I think that your corporation's IT policies are in place for a good reason. Edited April 7, 2010 by Psychosis Quote Link to comment Share on other sites More sharing options...
digip Posted April 7, 2010 Share Posted April 7, 2010 I think that your corporation's IT policies are in place for a good reason. QFT! Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 8, 2010 Share Posted April 8, 2010 (edited) No offense but I think if you continue with what you are trying to do, you may not end up with a job. As what you are doing is potential a SECURITY BREACH. Trust me I know that from experience. Edited April 8, 2010 by Infiltrator Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 8, 2010 Share Posted April 8, 2010 Hi Samer, Two things you can try, download the openSSL vpn. Darren did a segment on that, you might want to watch it. Second if you corporate are blocking ports, you might want to choose between these two ports 80 or 443. Third but not least, be careful what you do because your actions may haunt you later. Quote Link to comment Share on other sites More sharing options...
samer Posted April 8, 2010 Author Share Posted April 8, 2010 thank to all that gave some useful reply (Infiltrator) :) and all of the ...totally not so useful people :) also thanks for the worry of my livelihood :)... it is like this... being that the sec, admin is an ignorant and lazy guy he made the policy no access and that is the easiest thing to do.. for him of course.. now they do expect me to come (if needed) in the midle of the night to type "init 6" and go back home or to do a manual ufsdump or ufsrestore and sit there ... or something like that iss 300% in-practical if a was a different kind of user ok... but it is expected for a admin to have some kind of secure remote access right? if they did put up a secure remote access solution and i have a strong pass. is there any risk? well minimal.... well not to go on with the arguments and so on.. i know what is the risk and really if they do expect me to come to work to restart ,or sit there until some backup/restore is done (that i can do from home) well actually i don't want that retarded job :) in any case... but im' trying to do my homework and be as' careful and protective to my self(and the company :) as possible so... the question is open ssl vpn , is it 100% secure and undetectable? is there a footprint? can the direction that has initiated the comm be determined? can someone after auditing say, yes it is clear that you made a vpn to outside and then connected to the inside? Do you really think it can be dangerous or you just are saying it is not a good idea? what are the risks if i set it all up correctly? lets say i do use certificates.. i put my home ip as the only one that can connect.. come on it not a bank.. :) someone would have to spoof the ip,mac get around the certificates, and guess my password to get in? is that reasonable to get to some... hmm part numbers? :) Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 8, 2010 Share Posted April 8, 2010 (edited) Umm! Edited April 8, 2010 by Infiltrator Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 8, 2010 Share Posted April 8, 2010 (edited) "Tthe question is open ssl vpn , is it 100% secure and undetectable? is there a footprint? can the direction that has initiated the comm be determined? can someone after auditing say, yes it is clear that you made a vpn to outside and then connected to the inside?" Open SSL VPN, just like any banking web site uses https to encrypt the traffic, between the client and the server side. it can use either 128 or 256 bits of encryption to secure the connection, but using the https alone does not make it 100% secure. Furthermore to HTTPs Darren did a segment on how to strip the "S" from the https protocol using SSLStrip. I would recommend watching that Video. http://www.hak5.org/episodes/episode-610 Depending how the system administrator at your corporate configured the system/network, yes it is possible to determine if there has been an inbound or outbound connection made by you or any other user. Hope this helps Edited April 8, 2010 by Infiltrator Quote Link to comment Share on other sites More sharing options...
Netshroud Posted April 8, 2010 Share Posted April 8, 2010 (edited) I think you forgot to append some content to your post, Infiltrator. edit: I suppose a double-post works. Edited April 8, 2010 by Psychosis Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 8, 2010 Share Posted April 8, 2010 I think you forgot to append some content to your post, Infiltrator. edit: I suppose a double-post works. What content? Which post? Quote Link to comment Share on other sites More sharing options...
Netshroud Posted April 8, 2010 Share Posted April 8, 2010 The post which consisted solely of a quote. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 8, 2010 Share Posted April 8, 2010 Hi Samer, Two things you can try, download the openSSL vpn. Darren did a segment on that, you might want to watch it. Second if you corporate are blocking ports, you might want to choose between these two ports 80 or 443. Third but not least, be careful what you do because your actions may haunt you later. Sorry here are the missing links OpenVPN SSL download: http://sourceforge.net/projects/openvpn-als/ OpenVPN SSL Darren segment: http://www.hak5.org/episodes/episode-607 Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 8, 2010 Share Posted April 8, 2010 The post which consisted solely of a quote. Does this help! Quote Link to comment Share on other sites More sharing options...
samer Posted April 8, 2010 Author Share Posted April 8, 2010 (edited) Hmm is there something like a gtalk agent ? that can let me issue commands and give me some reply? that would be the best!!! :) if i had gtalk running on a remote machine and it wold forward my commands to the server (telnet,ssh) and forward the servers reply through gtalk back to me?? that would be the best solution :) a gtalk agent :) just to add i know there is something similar for oracle.. to be able to do some quires and get replies using something like that.... and what do you think about easy-vpn.comodo ?? i tried using it but could not use the remote control function ... but i guess it does create.. some sort of vpn between the pc and a virtual net , and on my home pc i do the same.. and we are in tha same i guess sub-net... but something is not working properly using this but as a concept i think it would be gr8.. Edited April 8, 2010 by samer Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 8, 2010 Share Posted April 8, 2010 (edited) Hmm is there something like a gtalk agent ? that can let me issue commands and give me some reply? that would be the best!!! :) if i had gtalk running on a remote machine and it wold forward my commands to the server (telnet,ssh) and forward the servers reply through gtalk back to me?? that would be the best solution :) a gtalk agent :) Hmm! Are you trying to build a botnet of armies or something? Give me a scenario where this could work. Edited April 8, 2010 by Infiltrator Quote Link to comment Share on other sites More sharing options...
aeiah Posted April 8, 2010 Share Posted April 8, 2010 the reason you aren't supposed to access your work computer from the outside world is because by the sounds of it, you connect to the servers internally through TELNET you might as well be shouting passwords at your colleagues from across the office. with the windows open. anyway.. everything is detectable, but perhaps you can consider using a reverse ssh tunnel on a port that's often used for something that wouldn't raise suspicion. you initiate the connection from your office, so it'll register as an outgoing port. they'll still be able to see where its going though and you'll never get around that unless you start using proxies and tor etc.. LogMeIn does something similar to reverse tunnelling i think, but probably uses default ports and phones home to their website. Quote Link to comment Share on other sites More sharing options...
samer Posted April 8, 2010 Author Share Posted April 8, 2010 (edited) Hmm! Are you trying to build a botnet of armies or something? Give me a scenario where this could work. botnet armies?? Come on ;) a scenario where this would work? Well I suppose my friend is using it at work to send some queries to the db and get replies... If that is what you meant by the q. or... I have a tep in the drive and from home a do a ufsdump... of a slice and i get a reply ufsdump complete and then i dump a second slice and i get a reply .. dumping 10...20...80% done... so i save 5-6 hrs of sitting there? :) Reverse ssh? Let me do a Google on that.. Edited April 8, 2010 by samer Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 9, 2010 Share Posted April 9, 2010 botnet armies?? Come on ;) a scenario where this would work? Well I suppose my friend is using it at work to send some queries to the db and get replies... If that is what you meant by the q. or... I have a tep in the drive and from home a do a ufsdump... of a slice and i get a reply ufsdump complete and then i dump a second slice and i get a reply .. dumping 10...20...80% done... so i save 5-6 hrs of sitting there? :) Reverse ssh? Let me do a Google on that.. I see if I can find something like that, and then I'll post it in here. Quote Link to comment Share on other sites More sharing options...
sandred Posted April 10, 2010 Share Posted April 10, 2010 (edited) Try dns tunneling with heyoka. It theoretically should work with existing open ports and give u RDP or ssh which ever is listening on ur master. Edited April 10, 2010 by sandyreddy Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.