Tunneling other protocols over TCP port 80

Tunneling other protocols over TCP port 80

[Bruno Negrão]

Hi guys,

I need to create a VPN to my linux server from a remote workstation(windows) 
inside a private network of another company. The LAN where the workstation is 
located is protected by a firewall. This firewall only lets pass through 
outgoing traffic to port 80(http).

I need this workstation to telnet a telnet server inside my private network. Is 
it possible to set up a tunnel over port 80 to create a VPN between the 
workstation and my gateway, so that the workstation can telnet my internal 
server?

The network administrator where this workstation is located is inaccessible, so 
I have to create this workaround.

Thank you,
-------------------------------------------------
Bruno Negrao - Support Analyst
Engepel Teleinformática. 55-31-34812311
Belo Horizonte, MG, Brazil 

Re: Tunneling other protocols over TCP port 80

[R. DuFresne]

[-- Attachment #1: Type: TEXT/PLAIN, Size: 1704 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


I might be reading this incorrectly, but the way I do read it you are 
thinking of breaking a security policy to connect to your home network 
from a work location?

Thanks,

Ron DuFresne

On Tue, 21 Jun 2005, Bruno Negrão wrote:

> Hi guys,
>
> I need to create a VPN to my linux server from a remote workstation(windows) 
> inside a private network of another company. The LAN where the workstation is 
> located is protected by a firewall. This firewall only lets pass through 
> outgoing traffic to port 80(http).
>
> I need this workstation to telnet a telnet server inside my private network. 
> Is it possible to set up a tunnel over port 80 to create a VPN between the 
> workstation and my gateway, so that the workstation can telnet my internal 
> server?
>
> The network administrator where this workstation is located is inaccessible, 
> so I have to create this workaround.
>
> Thank you,
> -------------------------------------------------
> Bruno Negrao - Support Analyst
> Engepel Teleinformática. 55-31-34812311
> Belo Horizonte, MG, Brazil 
>

- -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant:  sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCuGeDst+vzJSwZikRAgh2AJ0Ss1sElKLuDkTfMETWhveZTV8/oQCeJ0oQ
DcnCWavJ6bdxE2ZSuZeo1ok=
=v+xC
-----END PGP SIGNATURE-----

Re: Tunneling other protocols over TCP port 80

[Damon Gray]

[-- Attachment #1: Type: TEXT/PLAIN, Size: 1088 bytes --]


Bad security policies aside.... :)

You could always run the telnet server on port 80. Or run netcat (aka nc) 
on the box on port 80 redirecting to port 23.

-Damon-

On Tue, 21 Jun 2005, [iso-8859-1] Bruno Negrão wrote:

> Hi guys,
>
> I need to create a VPN to my linux server from a remote workstation(windows) 
> inside a private network of another company. The LAN where the workstation is 
> located is protected by a firewall. This firewall only lets pass through 
> outgoing traffic to port 80(http).
>
> I need this workstation to telnet a telnet server inside my private network. 
> Is it possible to set up a tunnel over port 80 to create a VPN between the 
> workstation and my gateway, so that the workstation can telnet my internal 
> server?
>
> The network administrator where this workstation is located is inaccessible, 
> so I have to create this workaround.
>
> Thank you,
> -------------------------------------------------
> Bruno Negrao - Support Analyst
> Engepel Teleinformática. 55-31-34812311
> Belo Horizonte, MG, Brazil 
>
>
>

Re: Tunneling other protocols over TCP port 80

[Damon Gray]

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: TEXT/PLAIN; charset=X-UNKNOWN; format=flowed, Size: 2429 bytes --]


Then if you wanted better security (not in the clear telnet) then you can 
use ssh tunneling to port 80.

-Damon-

On Tue, 21 Jun 2005, R. DuFresne wrote:

> On Tue, 21 Jun 2005, Damon Gray wrote:
>
>> 
>> Bad security policies aside.... :)
>> 
>> You could always run the telnet server on port 80. Or run netcat (aka nc) 
>> on
>> the box on port 80 redirecting to port 23.
>> 
>
> He could, if he wanted to really violate the policies in place and tunnel
> traffic in the clear.  he's actually asking about something that would be
> deemed a tad more seucre/private in nature, though still likely a
> violation os the security policies currently in place and thus subjecting
> himself to likely termination once the tunnel was discovered, let alone
> potential prosecution.
>
>
> Thanks,
>
> Ron DuFresne
>
>> 
>> On Tue, 21 Jun 2005, [iso-8859-1] Bruno Negrão wrote:
>> 
>>> Hi guys,
>>> 
>>> I need to create a VPN to my linux server from a remote
>>> workstation(windows) inside a private network of another company. The LAN
>>> where the workstation is located is protected by a firewall. This firewall
>>> only lets pass through outgoing traffic to port 80(http).
>>> 
>>> I need this workstation to telnet a telnet server inside my private
>>> network. Is it possible to set up a tunnel over port 80 to create a VPN
>>> between the workstation and my gateway, so that the workstation can telnet
>>> my internal server?
>>> 
>>> The network administrator where this workstation is located is
>>> inaccessible, so I have to create this workaround.
>>> 
>>> Thank you,
>>> -------------------------------------------------
>>> Bruno Negrao - Support Analyst
>>> Engepel Teleinformática. 55-31-34812311
>>> Belo Horizonte, MG, Brazil
>>> 
>> 
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>        admin & senior security consultant:  sysinfo.com
>                        http://sysinfo.com
> Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629
>
> ...We waste time looking for the perfect lover
> instead of creating the perfect love.
>
>                -Tom Robbins <Still Life With Woodpecker>
> ------------ Output from gpg ------------
> gpg: Signature made Tue Jun 21 15:49:44 2005 EDT using DSA key ID 94B06629
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> gpg: Can't check signature: public key not found
>
>

Re: Tunneling other protocols over TCP port 80

[R. DuFresne]

[-- Attachment #1: Type: TEXT/PLAIN, Size: 2196 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 21 Jun 2005, Damon Gray wrote:

>
> Bad security policies aside.... :)
>
> You could always run the telnet server on port 80. Or run netcat (aka nc) on 
> the box on port 80 redirecting to port 23.
>

He could, if he wanted to really violate the policies in place and tunnel 
traffic in the clear.  he's actually asking about something that would be 
deemed a tad more seucre/private in nature, though still likely a 
violation os the security policies currently in place and thus subjecting 
himself to likely termination once the tunnel was discovered, let alone 
potential prosecution.


Thanks,

Ron DuFresne

>
> On Tue, 21 Jun 2005, [iso-8859-1] Bruno Negrão wrote:
>
>> Hi guys,
>> 
>> I need to create a VPN to my linux server from a remote 
>> workstation(windows) inside a private network of another company. The LAN 
>> where the workstation is located is protected by a firewall. This firewall 
>> only lets pass through outgoing traffic to port 80(http).
>> 
>> I need this workstation to telnet a telnet server inside my private 
>> network. Is it possible to set up a tunnel over port 80 to create a VPN 
>> between the workstation and my gateway, so that the workstation can telnet 
>> my internal server?
>> 
>> The network administrator where this workstation is located is 
>> inaccessible, so I have to create this workaround.
>> 
>> Thank you,
>> -------------------------------------------------
>> Bruno Negrao - Support Analyst
>> Engepel Teleinformática. 55-31-34812311
>> Belo Horizonte, MG, Brazil 
>> 
>

- -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant:  sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCuG9Yst+vzJSwZikRAgeQAJkBQRMIkhqTvT9XAUU5Ri5e+ybzigCgzXEA
AvPSv6yw4Em98204pnSEhWk=
=iaYC
-----END PGP SIGNATURE-----

Re: Tunneling other protocols over TCP port 80

[Bruno Negrão]

Hi Ron,

Thanks for the warning. Actually, we already tried to create a PPTP vpn from 
that client to my gateway server, but the remote network administrator couldn't 
manage his equipment to let the appropriate packages to pass. (he doesn't 
understand GRE no way).

I will inform him we're setting up this new vpn tunnel. I just don't want to ask 
him to move, since he doesn't have the skills to make it.

Damon, thanks for the note on the ssh tunnel. Can you point me a document to 
look for this kind of configuration?

Regards,
Bruno.

----- Original Message ----- 
From: "R. DuFresne" <dufresne@sysinfo.com>
To: "Damon Gray" <dgray@internap.com>
Cc: "Bruno Negrão" <vpopmail@engepel.com.br>; <netfilter@lists.netfilter.org>
Sent: Tuesday, June 21, 2005 4:49 PM
Subject: Re: Tunneling other protocols over TCP port 80


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tue, 21 Jun 2005, Damon Gray wrote:
>
>>
>> Bad security policies aside.... :)
>>
>> You could always run the telnet server on port 80. Or run netcat (aka nc) on
>> the box on port 80 redirecting to port 23.
>>
>
> He could, if he wanted to really violate the policies in place and tunnel
> traffic in the clear.  he's actually asking about something that would be
> deemed a tad more seucre/private in nature, though still likely a
> violation os the security policies currently in place and thus subjecting
> himself to likely termination once the tunnel was discovered, let alone
> potential prosecution.
>
>
> Thanks,
>
> Ron DuFresne
>
>>
>> On Tue, 21 Jun 2005, [iso-8859-1] Bruno Negrão wrote:
>>
>>> Hi guys,
>>>
>>> I need to create a VPN to my linux server from a remote
>>> workstation(windows) inside a private network of another company. The LAN
>>> where the workstation is located is protected by a firewall. This firewall
>>> only lets pass through outgoing traffic to port 80(http).
>>>
>>> I need this workstation to telnet a telnet server inside my private
>>> network. Is it possible to set up a tunnel over port 80 to create a VPN
>>> between the workstation and my gateway, so that the workstation can telnet
>>> my internal server?
>>>
>>> The network administrator where this workstation is located is
>>> inaccessible, so I have to create this workaround.
>>>
>>> Thank you,
>>> -------------------------------------------------
>>> Bruno Negrao - Support Analyst
>>> Engepel Teleinformática. 55-31-34812311
>>> Belo Horizonte, MG, Brazil
>>>
>>
>
> - -- 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>         admin & senior security consultant:  sysinfo.com
>                         http://sysinfo.com
> Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629
>
> ...We waste time looking for the perfect lover
> instead of creating the perfect love.
>
>                 -Tom Robbins <Still Life With Woodpecker>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
>
> iD8DBQFCuG9Yst+vzJSwZikRAgeQAJkBQRMIkhqTvT9XAUU5Ri5e+ybzigCgzXEA
> AvPSv6yw4Em98204pnSEhWk=
> =iaYC
> -----END PGP SIGNATURE----- 

Re: Tunneling other protocols over TCP port 80

[Damon Gray]

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: TEXT/PLAIN; charset=X-UNKNOWN; format=flowed, Size: 4323 bytes --]


The easiest way would probably be to do the following:

On the remote linux host, run SSH on port 80 (or possibly use netcat to 
forward port 80 to port 22 or look into iptables REDIRECT target).

Then if you want to be able to use telnet (which isn't necessary if you 
are running ssh to the box but maybe there is some other need for telnet 
like automation of something, "I don't want to know" ;)

Then run ssh on the internal box:

ssh -p 80 -L 2023:localhost:23 <outsideboxip>

Then on the local box you can "telnet localhost 2023" and you will be 
magically connected to port 23 on the outside box but over an encrypted 
tunnel.

If you don't have OpenSSH on the windows box you can use putty for port 
forwarding, I think.

Disclaimer: I hold no responsability for what this technique is being used 
for. I like giving solutions, I don't want to know why. :)

For more info "man ssh" or 
http://www.oreillynet.com/pub/a/wireless/2001/02/23/wep.html

-Damon-

On Tue, 21 Jun 2005, [iso-8859-1] Bruno Negrão wrote:

> Hi Ron,
>
> Thanks for the warning. Actually, we already tried to create a PPTP vpn from 
> that client to my gateway server, but the remote network administrator 
> couldn't manage his equipment to let the appropriate packages to pass. (he 
> doesn't understand GRE no way).
>
> I will inform him we're setting up this new vpn tunnel. I just don't want to 
> ask him to move, since he doesn't have the skills to make it.
>
> Damon, thanks for the note on the ssh tunnel. Can you point me a document to 
> look for this kind of configuration?
>
> Regards,
> Bruno.
>
> ----- Original Message ----- From: "R. DuFresne" <dufresne@sysinfo.com>
> To: "Damon Gray" <dgray@internap.com>
> Cc: "Bruno Negrão" <vpopmail@engepel.com.br>; <netfilter@lists.netfilter.org>
> Sent: Tuesday, June 21, 2005 4:49 PM
> Subject: Re: Tunneling other protocols over TCP port 80
>
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> 
>> On Tue, 21 Jun 2005, Damon Gray wrote:
>> 
>>> 
>>> Bad security policies aside.... :)
>>> 
>>> You could always run the telnet server on port 80. Or run netcat (aka nc) 
>>> on
>>> the box on port 80 redirecting to port 23.
>>> 
>> 
>> He could, if he wanted to really violate the policies in place and tunnel
>> traffic in the clear.  he's actually asking about something that would be
>> deemed a tad more seucre/private in nature, though still likely a
>> violation os the security policies currently in place and thus subjecting
>> himself to likely termination once the tunnel was discovered, let alone
>> potential prosecution.
>> 
>> 
>> Thanks,
>> 
>> Ron DuFresne
>> 
>>> 
>>> On Tue, 21 Jun 2005, [iso-8859-1] Bruno Negrão wrote:
>>> 
>>>> Hi guys,
>>>> 
>>>> I need to create a VPN to my linux server from a remote
>>>> workstation(windows) inside a private network of another company. The LAN
>>>> where the workstation is located is protected by a firewall. This 
>>>> firewall
>>>> only lets pass through outgoing traffic to port 80(http).
>>>> 
>>>> I need this workstation to telnet a telnet server inside my private
>>>> network. Is it possible to set up a tunnel over port 80 to create a VPN
>>>> between the workstation and my gateway, so that the workstation can 
>>>> telnet
>>>> my internal server?
>>>> 
>>>> The network administrator where this workstation is located is
>>>> inaccessible, so I have to create this workaround.
>>>> 
>>>> Thank you,
>>>> -------------------------------------------------
>>>> Bruno Negrao - Support Analyst
>>>> Engepel Teleinformática. 55-31-34812311
>>>> Belo Horizonte, MG, Brazil
>>>> 
>>> 
>> 
>> - -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>         admin & senior security consultant:  sysinfo.com
>>                         http://sysinfo.com
>> Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629
>> 
>> ...We waste time looking for the perfect lover
>> instead of creating the perfect love.
>> 
>>                 -Tom Robbins <Still Life With Woodpecker>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.2.4 (GNU/Linux)
>> 
>> iD8DBQFCuG9Yst+vzJSwZikRAgeQAJkBQRMIkhqTvT9XAUU5Ri5e+ybzigCgzXEA
>> AvPSv6yw4Em98204pnSEhWk=
>> =iaYC
>> -----END PGP SIGNATURE----- 
>
>
>
>

Re: Tunneling other protocols over TCP port 80

[R. DuFresne]

[-- Attachment #1: Type: TEXT/PLAIN, Size: 4782 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Bruno,

Hope you mind not really my asking about site policy before stepping into 
the fire.  the man page for sshd is a good place to start, you'll find you 
can add a -p port setting to the startup of sshd and I'm sure there is a 
setting in the sshd_conf files for a binding port,. in your case 80.  Then 
a quick look over the man page for ssh will show that you'll also need to 
tell the client <ssh> via the -p option which port to look for the sshd on 
the far end you are trying to reach.  Make sure the sec admin is aware of 
this bypass tunnel and put into sshd/tcpd options to limit connections to 
only those that would use this tunnel, it will be found by those scanning 
nets for entry points so do not relay upon the obscurity through security 
methods that some feel warm and fuzzy with.

Thanks,

Ron DuFresne

On Tue, 21 Jun 2005, Bruno Negrão wrote:

> Hi Ron,
>
> Thanks for the warning. Actually, we already tried to create a PPTP vpn from 
> that client to my gateway server, but the remote network administrator 
> couldn't manage his equipment to let the appropriate packages to pass. (he 
> doesn't understand GRE no way).
>
> I will inform him we're setting up this new vpn tunnel. I just don't want to 
> ask him to move, since he doesn't have the skills to make it.
>
> Damon, thanks for the note on the ssh tunnel. Can you point me a document to 
> look for this kind of configuration?
>
> Regards,
> Bruno.
>
> ----- Original Message ----- From: "R. DuFresne" <dufresne@sysinfo.com>
> To: "Damon Gray" <dgray@internap.com>
> Cc: "Bruno Negrão" <vpopmail@engepel.com.br>; <netfilter@lists.netfilter.org>
> Sent: Tuesday, June 21, 2005 4:49 PM
> Subject: Re: Tunneling other protocols over TCP port 80
>
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> 
>> On Tue, 21 Jun 2005, Damon Gray wrote:
>> 
>>> 
>>> Bad security policies aside.... :)
>>> 
>>> You could always run the telnet server on port 80. Or run netcat (aka 
>>> nc) on
>>> the box on port 80 redirecting to port 23.
>>> 
>> 
>> He could, if he wanted to really violate the policies in place and tunnel
>> traffic in the clear.  he's actually asking about something that would be
>> deemed a tad more seucre/private in nature, though still likely a
>> violation os the security policies currently in place and thus subjecting
>> himself to likely termination once the tunnel was discovered, let alone
>> potential prosecution.
>> 
>> 
>> Thanks,
>> 
>> Ron DuFresne
>> 
>>> 
>>> On Tue, 21 Jun 2005, [iso-8859-1] Bruno Negrão wrote:
>>> 
>>>> Hi guys,
>>>> 
>>>> I need to create a VPN to my linux server from a remote
>>>> workstation(windows) inside a private network of another company. The 
>>>> LAN
>>>> where the workstation is located is protected by a firewall. This 
>>>> firewall
>>>> only lets pass through outgoing traffic to port 80(http).
>>>> 
>>>> I need this workstation to telnet a telnet server inside my private
>>>> network. Is it possible to set up a tunnel over port 80 to create a 
>>>> VPN
>>>> between the workstation and my gateway, so that the workstation can 
>>>> telnet
>>>> my internal server?
>>>> 
>>>> The network administrator where this workstation is located is
>>>> inaccessible, so I have to create this workaround.
>>>> 
>>>> Thank you,
>>>> -------------------------------------------------
>>>> Bruno Negrao - Support Analyst
>>>> Engepel Teleinformática. 55-31-34812311
>>>> Belo Horizonte, MG, Brazil
>>>> 
>>> 
>> 
>> - -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>         admin & senior security consultant:  sysinfo.com
>>                         http://sysinfo.com
>> Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629
>> 
>> ...We waste time looking for the perfect lover
>> instead of creating the perfect love.
>> 
>>                 -Tom Robbins <Still Life With Woodpecker>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.2.4 (GNU/Linux)
>> 
>> iD8DBQFCuG9Yst+vzJSwZikRAgeQAJkBQRMIkhqTvT9XAUU5Ri5e+ybzigCgzXEA
>> AvPSv6yw4Em98204pnSEhWk=
>> =iaYC
>> -----END PGP SIGNATURE----- 
>
>

- -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant:  sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCuHaust+vzJSwZikRAhHJAKC4E3417lftYHwisbY7KbhVfVFeEQCfdnGs
yvVGLpRTOVFmv6xtdJPCJhY=
=D4XD
-----END PGP SIGNATURE-----

Re: Tunneling other protocols over TCP port 80

[CompuGenic]

If all you want is a remote and/or secure shell, just use SSH like the 
others already said. If you MUST have full VPN, setup OpenVPN on the 
remote linux box, as it can run on any single TCP/UDP port. See 
http://openvpn.net/howto.html for details.

-Pablo


Bruno Negrão wrote:

> Hi guys,
>
> I need to create a VPN to my linux server from a remote 
> workstation(windows) inside a private network of another company. The 
> LAN where the workstation is located is protected by a firewall. This 
> firewall only lets pass through outgoing traffic to port 80(http).
>
> I need this workstation to telnet a telnet server inside my private 
> network. Is it possible to set up a tunnel over port 80 to create a 
> VPN between the workstation and my gateway, so that the workstation 
> can telnet my internal server?
>
> The network administrator where this workstation is located is 
> inaccessible, so I have to create this workaround.
>
> Thank you,
> -------------------------------------------------
> Bruno Negrao - Support Analyst
> Engepel Teleinformática. 55-31-34812311
> Belo Horizonte, MG, Brazil
>
>
>