Intrusion penetration techniques Xinetd port forwarding
In some network environments, such as managing a LAN or deploying a dedicated LAN, it may still be necessary to access certain ports of the Intranet machine from outside. Generally, you must access the jump server to access the corresponding machine.
In our example, we must achieve the dedicated LAN of the Management port of the switch. For example:
Private IP address range: 192.168.10.0/24
The vswitch is configured with 192.168.10.254 and Its Management port is 80.
The jump server Accesses both networks at the same time and has an external address of 10.10.10.1.
The IP address for direct access to the vswitch is 10.10.10.1 port 81. You can Configure xinetd on the stepping stone as follows:
# Cat/etc/xinetd. d/http-switch service http-switch {disable = notype = UNLISTEDsocket_type = streamprotocol = tcpwait = noredirect = 192.168.10.254 80 bind = 10.10.10.1port = 81 user = nobody}
Reload xinetd, and then you can access http: // 10.10.10.1: 81 through a browser.
Chkconfig xinetd on
Rcxinetd restart
The same applies to other ports.