JavaScript must be enabled in order for you to see "WP Copy Data Protect" effect. However, it seems JavaScript is either disabled or not supported by your browser. To see full result of "WP Copy Data Protector", enable JavaScript by changing your browser options, then try again.

透過Putty在M$上實作SSH Forwarding(Tunneling)與驗證


由上圖可知若在Intranet通往Destination中間如果有像我一樣無聊的人,開著鯊魚或其他Sniffer去Listen一些資訊時,又剛好您正在做使用者登入的認證,此時很有可能您的密碼會被我這種人捕捉到,進而造成資訊安全的問題,所以這個SSH Tunneling的最大好處在於當您SSH到Server當作跳板時,就算中間有人攔截封包,會因為有SSH加密而造成攔截者沒有辦法做辨識,且對方的Host也不用支援SSL或其他加密的安全機制就可以達到傳輸加密的功能,十分的方便,所以也蠻受許多人的喜愛。
這邊以最普遍的例子做示範,至於在Linux上實作就只要打開X11Forwarding與搭配SSH的選項參數即可使用,所以就不多做介紹,實作M$的部分如下:

1) 用謎樣的方式拿到Putty後且手上已經有台可支援SSH連線的Server

 

 

 

 

 

 

 

 

 

 

 

2) 設定欲連線Destination的IP與Port以及等下要轉送到本地端的哪個Port

 

 

 

 

 

 

 

 

 

 

 

3) 直接Telnet到Ptt.cc並輸入帳密(記得在執行這步之前先把鯊魚打開)

4) 再輸入Telnet到Localhost也輸入帳密

5) 檢視鯊魚抓到的封包(其中Mark的部分就是我輸入的帳密資訊[Plain])

6) 用鯊魚會抓不到我Telnet Localhost的封包,所以透過Server來驗證是否真的有做Forwarding(已被包成SSH型式)

#tcpdump -X -nn -i eth0 port 23

7) 最後透過Print的方式輸出*.out檔案並檢視(驗證剛剛Telnet到Ptt.cc的連線帳密被捕捉[/r/n表Enter])

#cat result.out
No. Time Source Destination Protocol Length Info
9 1.938439 114.34.31.253 140.112.172.5 TELNET 63 Telnet Data ...
Frame 9: 63 bytes on wire (504 bits), 63 bytes captured (504 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 1, Ack: 1, Len: 1
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 1 (relative sequence number)
[Next sequence number: 2 (relative sequence number)]
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16448
[Calculated window size: 16448]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x6b74 [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 1]
Telnet
Data: t
No. Time Source Destination Protocol Length Info
13 2.746374 114.34.31.253 140.112.172.5 TELNET 63 Telnet Data ...
Frame 13: 63 bytes on wire (504 bits), 63 bytes captured (504 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 2, Ack: 2, Len: 1
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 2 (relative sequence number)
[Next sequence number: 3 (relative sequence number)]
Acknowledgement number: 2 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16448
[Calculated window size: 16448]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x7a72 [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 1]
Telnet
Data: e
No. Time Source Destination Protocol Length Info
16 3.010460 114.34.31.253 140.112.172.5 TELNET 63 Telnet Data ...
Frame 16: 63 bytes on wire (504 bits), 63 bytes captured (504 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 3, Ack: 3, Len: 1
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 3 (relative sequence number)
[Next sequence number: 4 (relative sequence number)]
Acknowledgement number: 3 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16447
[Calculated window size: 16447]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x6c71 [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 1]
Telnet
Data: s
No. Time Source Destination Protocol Length Info
19 3.226424 114.34.31.253 140.112.172.5 TELNET 63 Telnet Data ...
Frame 19: 63 bytes on wire (504 bits), 63 bytes captured (504 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 4, Ack: 4, Len: 1
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 4 (relative sequence number)
[Next sequence number: 5 (relative sequence number)]
Acknowledgement number: 4 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16447
[Calculated window size: 16447]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x6b6f [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 1]
Telnet
Data: t
No. Time Source Destination Protocol Length Info
23 4.130140 114.34.31.253 140.112.172.5 TELNET 64 Telnet Data ...
Frame 23: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 5, Ack: 5, Len: 2
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 5 (relative sequence number)
[Next sequence number: 7 (relative sequence number)]
Acknowledgement number: 5 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16447
[Calculated window size: 16447]
[Window size scaling factor: -1 (unknown)]
Checksum: 0xd262 [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 2]
Telnet
Data: \r\n
No. Time Source Destination Protocol Length Info
28 5.058360 114.34.31.253 140.112.172.5 TELNET 63 Telnet Data ...
Frame 28: 63 bytes on wire (504 bits), 63 bytes captured (504 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 7, Ack: 38, Len: 1
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 7 (relative sequence number)
[Next sequence number: 8 (relative sequence number)]
Acknowledgement number: 38 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16439
[Calculated window size: 16439]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x6b52 [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 1]
Telnet
Data: t
No. Time Source Destination Protocol Length Info
30 5.266352 114.34.31.253 140.112.172.5 TELNET 63 Telnet Data ...
Frame 30: 63 bytes on wire (504 bits), 63 bytes captured (504 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 8, Ack: 38, Len: 1
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 8 (relative sequence number)
[Next sequence number: 9 (relative sequence number)]
Acknowledgement number: 38 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16439
[Calculated window size: 16439]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x7a51 [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 1]
Telnet
Data: e
No. Time Source Destination Protocol Length Info
33 5.490367 114.34.31.253 140.112.172.5 TELNET 63 Telnet Data ...
Frame 33: 63 bytes on wire (504 bits), 63 bytes captured (504 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 9, Ack: 38, Len: 1
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 9 (relative sequence number)
[Next sequence number: 10 (relative sequence number)]
Acknowledgement number: 38 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16439
[Calculated window size: 16439]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x6c50 [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 1]
Telnet
Data: s
No. Time Source Destination Protocol Length Info
35 5.658368 114.34.31.253 140.112.172.5 TELNET 63 Telnet Data ...
Frame 35: 63 bytes on wire (504 bits), 63 bytes captured (504 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 10, Ack: 38, Len: 1
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 10 (relative sequence number)
[Next sequence number: 11 (relative sequence number)]
Acknowledgement number: 38 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16439
[Calculated window size: 16439]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x6b4f [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 1]
Telnet
Data: t
No. Time Source Destination Protocol Length Info
37 6.337995 114.34.31.253 140.112.172.5 TELNET 64 Telnet Data ...
Frame 37: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: AsustekC_a9:67:c9 (bc:ae:c5:a9:67:c9), Dst: Unispher_42:a7:34 (00:90:1a:42:a7:34)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol Version 4, Src: 114.34.31.253 (114.34.31.253), Dst: 140.112.172.5 (140.112.172.5)
Transmission Control Protocol, Src Port: 52896 (52896), Dst Port: telnet (23), Seq: 11, Ack: 38, Len: 2
Source port: 52896 (52896)
Destination port: telnet (23)
[Stream index: 2]
Sequence number: 11 (relative sequence number)
[Next sequence number: 13 (relative sequence number)]
Acknowledgement number: 38 (relative ack number)
Header length: 20 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 16439
[Calculated window size: 16439]
[Window size scaling factor: -1 (unknown)]
Checksum: 0xd243 [validation disabled]
[SEQ/ACK analysis]
[Bytes in flight: 2]
Telnet
Data: \r\n

◎所以說無論在Internet或Intranet明碼做認證都是非常危險,因為說不定在哪顆GateWay上面有人開著類似鯊魚在等著您大駕光臨= =!

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

 
This site is protected by WP-CopyRightPro