Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I telnet to server xxx.xxx.xxx.yyy 1433 and it can telnet into the sql server box with black screen and cursor.After cursor blinking a while, the window dialog switch back to Administrator cmd.
What is this indicates?
Two problems here.
One is, unless your target is set to expect Telnet (terminal unencrypted) traffic on port 1433, it's not going to handshake, and your Telnet command will time out.
Two, if your NETWORK isn't configured to allow traffic on port 1433 across the firewalls (in both directions) then the handshake will fail, and your Telnet command will time out.
A further concern is this: Port 1433 is a commonly-used SQL port, so it's well-documented as a vulnerable port for SQL injection techniques, worm infections, and so on. So there's a VERY good chance that connections on port 1433 are not allowed, except perhaps to trusted hosts, if at all.
So unless you're probing servers to ensure that 1433 is closed, expect the IT security staff to ask some very pointed questions as to why you're wanting to connect via Telnet on this port.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I have a remote host ( a VPS ) that I connect to with SSH and it works fine. But sometimes I need to establish VPN connection on it.
By establishing the VPN connection, my ssh breaks and doesn't respond anymore and further tries to connect to it fails with the error:
ssh: connect to host 192.168.1.105 port 22: No route to host
How can I configure VPN or SSH in order to solve this conflict?
As I searched for this problem I saw configurations with iproutes and rules that resolved the problem.But I, myself, found an easy solution by changing the SSH config on client side of tht SSH connection.
There are some configurations on ssh that is reachable through this link.
After going through the link I found out you can create or change a config file ( ~/.ssh/conf )
nano ~/.ssh/conf
And changing it to:
Host *
ServerAliveInterval 300
ServerAliveCountMax 2
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I have a server at home and another on a VPS hosting. I tried to create L2TP/IPsec tunnel between them. The tunnel works and one server can access HTTP services from the other server (VPS server is client and server at home is VPN server to which I am connecting and runs HTTP and HTTPS services that I am trying to access from VPS server). But when I try to connect via HTTPS, the connection does not work.
This is what happens when I run this command from the remote server connected to the other one via L2TP/IPsec: openssl s_client -connect SERVER:443:
CONNECTED(00000003)
And if I try wget --verbose https://SERVER/:
Resolving SERVER (SERVER)... SERVERIP
Connecting to SERVER (SERVER)|SERVERIP|:443... connected.
So the connection is started, but no data is exchanged. I have tested with nmap and the port is detected as open.
I tried to connect to this VPN via my laptop and from there, I can access both HTTP and HTTPS services, but from this server, I can only use HTTP. I have tried turning off all firewalls that are on the path of the packets but the problem persists.
I know this is a very specific case so if there is no actual answer to what the problem might be, I am at least looking for guidelines to how to debug this as wget, curl and openssl s_clinent don't provide me any details as they stay on the connection established state.
UPDATE: I have opened 443 port on NAT on the home server and tried to connect to HTTPS service directly from VPS server without VPN and it worked. So only when I access HTTPS via VPN, the connection does not work.
The problem was the MTU setting of the L2TP connection. I had to lower the MTU to 1300 as HTTPS + IPSec add so much overhead that the packet was over 1500, which is the upper limit of the Ethernet and SSL packages set DF (Do not fragment) flag on Layer 3 which disables package fragmentation.
Normally, the server would send special ICMP message to notify the VPN server about this problem but I had ICMP blocked by the firewall so there was no error, just connection was not able to establish as packages had too big size and were just dropped.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
i want to telnet or ssh my pc (mac) at home from my office. How can i do this ? the problem i'm using router with private ip .Gateway is 192.168.1.1 and my pc is 192.168.1.100. I think i should be able to do this when i forward the port in the router setting. But the problem i don't have public ip. My isp only give my dynamic ip (DHCP) , my router's external ip is just another private ip which is connected to another gateway (another level of LAN) which of course i don't have any access. so is it still possible to get access using telnet to my computer ? i read about the reverse ssh but that only works if i have to setup the connection first from my pc. In my case now there's no body near my pc. i just turn it on so i can hopefully access it.
Is there any workaround ? or it's just impossible to do that ?
Thanks
As you don't have a stable IP, I can only think of two options:
VPN
Were you to make a VPN with your local network, and then connect to said VPN, it would give you access to everything on on the network.
Reverse SSH
With reverse SSH you make use of an external server, and set up a listening ssh session. Then, on the external server you can connect to the device behind the router without being bothered by firewalls/port forwarding/etc...
You could do this with:
Device on home network ssh -f -N -R 1234:localhost:22 remote_user#remote.server.example
Where 1234 is the port that remote would use forward to the device
remote.server.example is the remote's address
Then, on the remote server ssh -p 1234 -t device_user#localhost
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am trying to figure out what happens when I do a port forward using OpenSSH (ssh -L <local_port>:<remote_host_2> -fN <remote_host_1>), and how it compares to simply ssh'ing to a remote host.
More specifically, I wonder if remote_host_1 is compromised, can it sniff the traffic
that I am sending to remote_host_2? From the manfile of ssh, it seems that the answer to this question is positive and thus the chain (if, e.g., I am trying to telnet to remote_host_2 via remote_host_1) looks like this:
local_host --[secure]--> remote_host_1 --[open]--> remote_host_2 .
However, what happens if I ssh to the remote_host_2 via the aforementioned port forward (ssh <local_host> -p <local_port>)? Is it correct, that even if the remote_host_1 is compromised, there is no danger? In other words, is the following true in that case:
local_host --[double encryption]--> remote_host_1 --> [single encryption] --> remote_host_2 .
Finally, is it correct that the second situation is still different from ssh'ing to remote_host_1 and ssh'ing to remote_host_2 from it, in the sense that if remote_host_1 is compromised, it can log everything?
Thank you very much!
Your data is encrypted between the client and SSH. From SSH to the target port it is plaintext of course, or rather it is exactly what you are sending over the tunnel to the target application. Only the tunnel part is encrypted.
In short, all the questions should be answered 'yes'.
A reference that answers all my questions is the chapter 11 of "SSH, The Secure Shell" by Daniel J. Barrett & Richard Silverman. An excerpt with all the relevant info can be found here.
I again thank Simon and EJP for their answers.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
We have an OPC Server running on windows server 2003. I am using an OPC client from a remote machine running on Windows Server 2008.
From the OPC Server node, I can ping the Client node. However I am not able to telnet ( I tried only port 135 which is for DCOM communication).
Any other machine can telnet the client machien i.e. Windows Server 2008.
I see on OPC Server, the port 135 is added.
One more thing, the tracert doesn't fully show all the hops from OPC Server to OPC Client.
I can telnet from OPC Client to OPC Server on port 135.
Do you think port 135 communication is blocked when the telnet packet routes from OPC Server to OPC Client ?
Please reply . Its driving me crazy. DCOM headache !!
There was a firewall problem. You always have to make sure port 135 is open on both the sides. Use telnet to verify port before dealing with DCOM issues.