Skip to main content

Confused with SSH Port Forwarding?

This is one of the confusing topics for me but now I have completely understood. There are lots of blog posts on this with different perspectives and now I am also adding my perspective too. Hope this will help you to understand the concept.

  • Local port forwarding
  • Remote port forwarding
  • Dynamic port forwarding
  • Depends on the service which you want to access on your system from another system or you want to give access of the service from your system to another system.
  • Where you want to use your SSH password

Local port forwarding

Local port forwarding means when you map your IP address and port with the IP address and port of another system of which service you want to access. So when you request for service by your IP address and port which you used for mapping, it redirects the request to another system IP address and port.

  • -N: It tells SSH to not start a shell and only forward ports.
  • -L: It is used for local port forwarding.
  • 192.168.0.195:80: It’s the attacker's IP address and port used for mapping it with the victim's IP address and port.
  • 127.0.0.1:8000: It’s the victim’s IP address where the HTTP service is running.
  • root@192.168.0.131: It’s the victim’s machine IP address and username for SSH.
  • -p 22: It’s the SSH port using for SSH connection.

Remote port forwarding

Remote port forwarding is the opposite of local port forwarding. It’s not mostly used.

  • -N: It tells SSH to not start a shell and only forward ports.
  • -R: It is used for remote port forwarding.
  • 80: It’s the victim’s port that is forward to the attacker's machine. Do netstat -antp, the 80 port is visible in the attacker machine.
  • 127.0.0.1:8000: It’s the victim’s IP address where the HTTP service is running.
  • root@192.168.0.195: It’s the attacker's machine IP address and username for SSH.
  • -p 22: It’s the SSH port using for SSH connection.

Dynamic port forwarding

Dynamic port forwarding allows you to create a proxy server on the machine that is used as an SSH server.

Comments

Popular posts from this blog

Free Cybersecurity Certifications

Introduction to Cybersecurity Cybersecurity Essentials Networking Essentials Android Bug Bounty Hunting: Hunt Like a Rat Ethical Hacking Essentials (EHE) Digital Forensics Essentials (DFE) Network Defense Essentials (NDE) Introduction to Dark Web, Anonymity, and Cryptocurrency AWS Skill Builder Introduction to Cybersecurity Building a Cybersecurity Toolkit Cyber Aces Free Cyber Security Training Course Introduction to Information Security Penetration Testing - Discovering Vulnerabilities

Is your webcam exposed on the internet and everyone enjoying your personal moments? | How to check webcam or security camera is exposed on the internet or not?

Nowadays we start using many technology devices in our homes. Many people are installing CCTV or security cameras in their houses, private rooms, offices, private places, etc for security purposes and monitoring, but many of them don't know how to configure that device securely. So let's talk about CCTV and security cameras only.  What do most CCTV/Security camera users believe? Most users believe that using a strong username and password on a camera administrative page protects them. (Partially true in the case of online cameras) Example: Why it is partially true? It's partially true because you are protecting only the camera administrative page which is also an important part. Still, you are not protecting the protocol used to control streaming media servers (Real-Time Streaming Protocol ( RTSP )). I have seen many online webcams whose administrative page is secured by strong credentials, but they forget to secure the RTSP protocol which gives me access to the streaming

Web Application Security Testing (WAPT) Interview Questions

Let's Contribute All Together For Creating a Questions Dump What are the vulnerabilities you have to test in the Login form, Payment gateway? What is clickjacking? What is the mitigation of clickjacking? What is CSRF? How to mitigate CSRF? Let's take an example, If a developer implements a CSRF token in a cookie, will it mitigate the CSRF issue? Is it possible to mitigate the CSRF by header? If yes why, if No why? If the data is in JSON format, how you will check the CSRF issue and what are the ways of exploitation? Where to implement the CSRF token and why? If the client doesn't want to change the UI or doesn't want to implement the CSRF tokens, and headers then what mitigation you recommended to the client for CSRF? What is the problem with the per-request token? Is login CSRF possible? Explain login CSRF? Have you ever exploited it? What is the mitigation for login CSRF? Suppose, in an application csrf token is implemented in each request and every request, except th