Network Security
SSH Tunneling

David Funk
Matt McLaughlin
Systems Administrators
Computer Systems Support
COE, University of Iowa

Using SSH Tunneling
- SMB Mount
- Remote Desktop

Direct Connect
[Diagram: Share client connects directly to SMB file server, Port 139]

Tunnel
[Diagram: Share client -> Port 139 -> SSH client -> Port 22 (encrypted) -> SSH server (sshd) -> Port 139 -> SMB file server]

Download Tools, Setup lmhosts
- rpccfg.exe
  - http://download.microsoft.com
  - Search for rpccfg
- C:\windows\system32\drivers\etc\lmhosts
  - 127.0.0.1 smb00

Set TCP Port 135
- Listen only on interfaces specified by Bind value
- HKLM\System\CurrentControlSet\Services\RpcSs
  - Add ListenOnInternet REG_SZ N
- Reboot

Configure RPC
- Configure host not to listen on 0.0.0.0:135
- rpccfg -l
- Select interface number of non-loopback interface
- rpccfg -a 65539
- Reboot

Setup SecureCRT (or Favorite SSH Program)
- SecureCRT Tunnel Ports
    Z:"Port Forward Table V2"=00000002
     port135|127.0.0.1,135|1|128.255.17.40|135||
     port139|127.0.0.1,139|1|128.255.17.40|139||
- Setup "Port Forward Filter"=
    allow,127.0.0.0/255.0.0.0,0
    allow,128.255.20.23/255.255.255.255
    deny,0.0.0.0/0.0.0.0,0
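
The forward table and filter on this slide can be checked mechanically. The following is an added example, not part of the original slides and not SecureCRT code: it parses the entries shown above, renders each as an OpenSSH `LocalForward` line, confirms the listener is loopback-only, and evaluates the filter for a given source address. The field layout of the table entries and the first-match rule order are assumptions inferred from the values on the slide.

```python
import ipaddress

# Entries and filter copied from the slide. Field meanings are inferred
# (assumption), not taken from SecureCRT documentation.
FORWARDS = [
    "port135|127.0.0.1,135|1|128.255.17.40|135||",
    "port139|127.0.0.1,139|1|128.255.17.40|139||",
]
FILTER = ("allow,127.0.0.0/255.0.0.0,0 "
          "allow,128.255.20.23/255.255.255.255 "
          "deny,0.0.0.0/0.0.0.0,0")

def parse_forward(entry):
    """Split name|listen_ip,listen_port|flag|dest_host|dest_port||."""
    name, listen, _flag, dest_host, dest_port = entry.split("|")[:5]
    listen_ip, listen_port = listen.split(",")
    return {"name": name, "listen_ip": listen_ip, "listen_port": int(listen_port),
            "dest_host": dest_host, "dest_port": int(dest_port)}

def to_local_forward(fwd):
    """Render one entry as an OpenSSH ssh_config LocalForward line."""
    return "LocalForward {listen_ip}:{listen_port} {dest_host}:{dest_port}".format(**fwd)

def loopback_only(fwd):
    """True when the listener is reachable only from the local machine."""
    return ipaddress.ip_address(fwd["listen_ip"]).is_loopback

def parse_filter(text):
    """Return [(action, network)]; the trailing ',0' field is optional."""
    rules = []
    for rule in text.split():
        action, net = rule.split(",")[:2]
        rules.append((action, ipaddress.ip_network(net, strict=True)))
    return rules

def source_allowed(rules, source_ip):
    """First matching rule wins (assumed); no match means deny."""
    addr = ipaddress.ip_address(source_ip)
    for action, net in rules:
        if addr in net:
            return action == "allow"
    return False
```

A listener bound to 0.0.0.0 instead of 127.0.0.1 fails `loopback_only`, which is the case the filter's final deny rule is there to contain.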

Remote Desktop Tunnel: Basic Setup
- Make sure remote assistance and remote desktop are turned off under Start | Control Panel | System | Remote
- Set up SSH with local port 3389 forwarded to remote port 3389 on the target Windows computer

Setup Modified mstsc.exe
- Allow connections to 127.0.0.1
- Copy c:\windows\system32\mstsc.exe and mstscax.dll to another folder
- Set mstsc.exe in the new location to run in Windows 98 compatibility mode

Connect via Remote Desktop
- Connect SSH session
- Start modified mstsc.exe
- Connect to 127.0.0.1
- Login as usual