Dom
Member
Registered: 13th Sep 03
User status: Offline
|
does anyone know about creating SSH tunnel between two windows systems?
I want to be able to use VNC to my home system from work but my works internet is heavily locked down - only ports 80, 443, 110, 25 are available outbound.
I've had a good read around and thinking about using either freeSSHd/copSSH or SecureCRT for the SSH server and then putty on the client side - but am a little lost. 
One question i have though, i don't have access to the router at work - so would using the said ports (above) work? And if i port forwarded say port 443 on my home router to my system, would that stop other people using HTTPS on my network?
cheers all 
|
pow
Premium Member
Registered: 11th Sep 06
Location: Hazlemere, Buckinghamshire
User status: Offline
|
What inbound ports are available?
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
quote:
Originally posted by pow
What inbound ports are available?
pretty much what i listed - 443, 80, 110, 25. My end i can do what i want but im pretty restricted at work. Thats why im trying to create a tunnel to system so i can do what ever i want.
|
Tim
Site Administrator
Registered: 21st Apr 00
User status: Offline
|
As previously mentioned.... SSL-Explorer. Only requires port 443 open outbound (or works through a proxy that allows HTTPS CONNECTs too).
Don't need to SSH -- it even features a VNC client, which downloads/launches from your server (so you don't need to install one locally).
If you forward port 443 to your system, it won't stop anyone else viewing secure websites. It would just stop them being able to host one too (on the same external IP/port anyway).
[Edited on 06-02-2008 by Tim]
|
pow
Premium Member
Registered: 11th Sep 06
Location: Hazlemere, Buckinghamshire
User status: Offline
|
Am I being real stupid but can't you just change VNC to connect via port 80 or 443?
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
But from what i remember, SSL Explorer required me to port forward at work and i can't do that. I'll give it another go but i could never get it to work 
|
Tim
Site Administrator
Registered: 21st Apr 00
User status: Offline
|
No port forwards at work. What would you need to forward? That's the whole point of software like this. If you can connect to a secure server like https://corsasport.co.uk, then it'll work 
SSL-Explorer is essentially only doing the same thing as an SSH tunnel (but over the commonly open and convenient SSL ports).
[Edited on 07-02-2008 by Tim]
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
Am i right that i install SSL-Explorer on my home machine and then just port forward 443 to my system, Then login from work (ie: https://home-ip-address:28080)?
Also, the SSL Tunnel seems a little confusing - ie: if i was to run VNC (as an example) i would create an SSL tunnel with the source port being 110 (would also have to port forward 110 to my systems ip at home?) and the destination port 5901 (untravnc default port), start the server at home with on port 5901 and then point my client at work to home-ip-addy:110?
|
Tim
Site Administrator
Registered: 21st Apr 00
User status: Offline
|
Install SSL-Explorer at home and forward 443 on your router to your system. Then access from work on https://home-ip (no 28080 -- that's the configuration port not the access port).
The create an 'application' in SSL Explorer -- there's several to choose from including a VNC client. Then just specify the IP address of the VNC server (the private internal address not your internet IP) and run it.
If you want to use raw SSL tunnels, then you create with say a source of 5901 (rather than 110 as that's std for POP3 -- also no more forwarding required -- just port 443) and a destination of say 192.168.1.1:5901. Then once the tunnel is established you point your client at localhost:5901 (your work machine) and the agent picks it up, tunnels it to your home server, and makes the final connection to the home VNC server.
[Edited on 07-02-2008 by Tim]
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
Cheers Tim, i'll see how i get on
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
SSL-Explorer is brilliant - a little confusing at first but it works pretty well, especially the proxy part of SSL-Explorer. And being able to setup network shares is a top feature. It's a little slow though and i've noticed that with the server running it slows my connection down at home (when no ones using SSL-Explorer), but atleast it works.
Cheers Tim
|
pow
Premium Member
Registered: 11th Sep 06
Location: Hazlemere, Buckinghamshire
User status: Offline
|
Makes things clear, thanks Tim
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
yeah, it seems like a really good bit of kit at the moment - though im having troubles setting up the ultravnc application. it's starts the java SSL agent but then it comes up that the agent has failed
edit - perhapps my firewall on my system is blocking it, shame i couldn't tell
edit 2 - i know you have to create a key, but how secure is using SSL-Explorer?
[Edited on 08-02-2008 by Dom]
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
sorted the agent part - the SSL agent doesn't like opera, seems to work fine using IE.
Although i've set up my VNC server wrong and can't connect oh wells...
cheers again tim
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
Update - SSL Explorer is alright for the basic stuff, but a lot of the decent features (socks proxy, various extensions) are in the enterprise version which is £200
I've managed to get VNC working ok and the basic web proxy works ok (won't allow you to watch youtube vids, or post of myspace/facebook) but i've yet be able to get it to tunnel to a proxy (eg: CCProxy etc), which could potentionally sort out the problems i've said about the web redirect proxy SSL explorer has as standard.
cool program anyways
|
