Re: [ubuntu-uk] Little project
On Sat, 2010-10-16 at 08:02 +0100, Dan Attwood wrote: > Speaking as someone who works in a college IT department you > really shouldn't be doing this as you'll break the Terms of Use and > you're 'free' period should be spent studying and not on facebook. > Also this list shouldn't really be helping hack a system. > > > Speaking as a realist look at eyeos and NX server FreeNX and neatx run over ssh and provide full remote desktops that are much quicker then SSH and X11. There are PPA's for both on launchpad. At the server end (ie home) forward port 80 to port 22 on the machine where freenx/neatx are installed. Regards Dan -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Little project
Speaking as someone who works in a college IT department you really shouldn't be doing this as you'll break the Terms of Use and you're 'free' period should be spent studying and not on facebook. Also this list shouldn't really be helping hack a system. Speaking as a realist look at eyeos and NX server -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Little project
On 16 October 2010 00:38, Jim Price wrote: > On 15/10/10 23:26, Daniel Case wrote: >> Hi guys, I have a little project to do so that i can access my email and >> some other websites from college, it has a web filter so blocks such things >> which is annoying in 2 hour long 'free' periods. If I didn't have a web >> server running this would be quite simple, but sadly things are never as >> simple as they can be. I can use puTTy from college so would like to use X11 >> forwarding with SSH. >> >> I have tried a direct connection but it timed out, I then learnt that the >> only port 80 connections can get out. What I am therefore trying to do is >> set up the web server so that any requests it receives on port 80 from a >> certain IP gets forwarded to port 22 and i should then be able to log in >> through SSH with X11 forwarding and bring up firefox. I have heard this is >> possible with Iptables? >> >> This is technically against my college IT ToS, but my computing tutors have >> said they will turn a blind eye if I manage to do it. > > Is your web server at home behind a router? If so, I would find out if > they have left any other ports open. Port 8080 would be a good bet, as a > number of real web sites use that as an alternative to port 80. You can > find one to test that out by Googling for "website on port 8080" > (without the quotes there is one on the first hit). Port 443 is the > default port for HTTPS, which you could use if your web server doesn't > do any HTTPS - easy to check if that is open by trying > https://www.google.com. > > All you then need to do is set up the port forwarding on your router to > take incoming requests on port 8080 (or 443) and forward them to port 22 > on your server you want to ssh to, then you can ssh into your home box > by adding :8080 (or :443) to the IP address or name of your home > connection. You need to make sure you secure your ssh access if you are > going to make it available via the internet too - just a username and > password is a bit weak even though you are on a non-standard port. > Setting the ssh server up so that connections from the internet require > a key with a passphrase should be enough. > > Also, rather than trying to run Firefox using X11 forwarding, it would > be a lot faster to just use the ssh connection as a socks proxy. That > way you aren't sending screen update information back from your home > server, just web browsing data. > > It is also possible I haven't understood exactly what you are trying to > do, of course. It is getting a bit late here. Something I found today, while trying to find a reference to the OpenVPN switch I was going to suggest, is this: http://www.rutschle.net/tech/sslh.shtml Basically, if you've got an SSL server running in your webserver, you can make it share the port with an SSH instance... instant proxy circumvention! TADA! :D Of course, then all you've got to do, is to force your SSH client to talk via your proxy, but I know Putty will do that. HOWEVER (and please, pay special attention to this) As a network security engineer, I can only suggest that there is probably some very good reason that you're not supposed to circumvent your proxy, and that I can strongly recommend a representative from your class, form, year or similar term for your educational body, discuss in technical detail with the person who set this rule about why the rule was created and what exactly they are trying to achieve with it. I would assume this is so that you can't bring malware inside the school, or permit access in, via vulnerabilities with the various applications you may or may not want to use, however, it may be part of the terms of service that the school have agreed with their ISP (usually council mandated or even managed, and thus, non-negotiable), and your actions may cause your whole school to be disconnected from the school backbone. Wouldn't you be unpopular if you did that? All the best -- Jon "The Nice Guy" Spriggs -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Little project
On 15/10/10 23:26, Daniel Case wrote: > Hi guys, I have a little project to do so that i can access my email and > some other websites from college, it has a web filter so blocks such things > which is annoying in 2 hour long 'free' periods. If I didn't have a web > server running this would be quite simple, but sadly things are never as > simple as they can be. I can use puTTy from college so would like to use X11 > forwarding with SSH. > > I have tried a direct connection but it timed out, I then learnt that the > only port 80 connections can get out. What I am therefore trying to do is > set up the web server so that any requests it receives on port 80 from a > certain IP gets forwarded to port 22 and i should then be able to log in > through SSH with X11 forwarding and bring up firefox. I have heard this is > possible with Iptables? > > This is technically against my college IT ToS, but my computing tutors have > said they will turn a blind eye if I manage to do it. Is your web server at home behind a router? If so, I would find out if they have left any other ports open. Port 8080 would be a good bet, as a number of real web sites use that as an alternative to port 80. You can find one to test that out by Googling for "website on port 8080" (without the quotes there is one on the first hit). Port 443 is the default port for HTTPS, which you could use if your web server doesn't do any HTTPS - easy to check if that is open by trying https://www.google.com. All you then need to do is set up the port forwarding on your router to take incoming requests on port 8080 (or 443) and forward them to port 22 on your server you want to ssh to, then you can ssh into your home box by adding :8080 (or :443) to the IP address or name of your home connection. You need to make sure you secure your ssh access if you are going to make it available via the internet too - just a username and password is a bit weak even though you are on a non-standard port. Setting the ssh server up so that connections from the internet require a key with a passphrase should be enough. Also, rather than trying to run Firefox using X11 forwarding, it would be a lot faster to just use the ssh connection as a socks proxy. That way you aren't sending screen update information back from your home server, just web browsing data. It is also possible I haven't understood exactly what you are trying to do, of course. It is getting a bit late here. -- JimP -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Little project
On 15 October 2010 23:26, Daniel Case wrote: > Hi guys, I have a little project to do so that i can access my email and > some other websites from college, it has a web filter so blocks such things > which is annoying in 2 hour long 'free' periods. If I didn't have a web > server running this would be quite simple, but sadly things are never as > simple as they can be. I can use puTTy from college so would like to use X11 > forwarding with SSH. http://popey.com/blog/2010/02/25/proxies-in-the-way-of-testing/ Replace the client bits at college where I use ssh, with putty or http://xlivecd.indiana.edu/ to give you an x server at college. Al. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Little project
Hiya Paul, Thanks for the suggestion, but I tried it already, they blocked the web access to the teamviewer site. >< Daniel On 15 October 2010 23:29, Paul Jones wrote: > Hi Daniel, > > Why not just install Teamviewer on your home PC, leave it logged on and > running and use the Teamviewer web logon to access it away from home be it > college or anywhere else > > Paul > (Peejay1977) > > Sent from my BlackBerry® wireless device > > -Original Message- > From: Daniel Case > Sender: ubuntu-uk-boun...@lists.ubuntu.com > Date: Fri, 15 Oct 2010 23:26:15 > To: UK Ubuntu Talk > Reply-To: UK Ubuntu Talk > Subject: [ubuntu-uk] Little project > > -- > ubuntu-uk@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk > https://wiki.ubuntu.com/UKTeam/ > > -- > ubuntu-uk@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk > https://wiki.ubuntu.com/UKTeam/ > -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Little project
Hi Daniel, Why not just install Teamviewer on your home PC, leave it logged on and running and use the Teamviewer web logon to access it away from home be it college or anywhere else Paul (Peejay1977) Sent from my BlackBerry® wireless device -Original Message- From: Daniel Case Sender: ubuntu-uk-boun...@lists.ubuntu.com Date: Fri, 15 Oct 2010 23:26:15 To: UK Ubuntu Talk Reply-To: UK Ubuntu Talk Subject: [ubuntu-uk] Little project -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/ -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
[ubuntu-uk] Little project
Hi guys, I have a little project to do so that i can access my email and some other websites from college, it has a web filter so blocks such things which is annoying in 2 hour long 'free' periods. If I didn't have a web server running this would be quite simple, but sadly things are never as simple as they can be. I can use puTTy from college so would like to use X11 forwarding with SSH. I have tried a direct connection but it timed out, I then learnt that the only port 80 connections can get out. What I am therefore trying to do is set up the web server so that any requests it receives on port 80 from a certain IP gets forwarded to port 22 and i should then be able to log in through SSH with X11 forwarding and bring up firefox. I have heard this is possible with Iptables? This is technically against my college IT ToS, but my computing tutors have said they will turn a blind eye if I manage to do it. Daniel -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/