Background:
1. All computers in the company connect to the Internet through a proxy server (only HTTP requests sent from the internal network can be sent to the Internet, and all packets from the Internet will be intercepted)
2. An employee of the company wants to use his home computer to control his work computer in the company.
3. He can perform any operation on the two computers.
Internal listening port of proxy server: 3128
Ideas:
Currently, you can use Telnet or SSH to remotely control a computer. However, Telnet is not secure, so SSH is chosen.
Run a program on both the home computer ("home") and the work computer ("work"), and use the HTTP protocol to send and receive information through the proxy to establish an SSH connection.
Specifically: work sends the SSH server's message in a POST request that passes through the proxy to home. Home then wraps the SSH client's response in an HTTP response and sends it back to the proxy, and the proxy automatically sends it back to work. In this way, data output and input are achieved.
In this way, you can ignore the existence of the proxy and freely operate the company's intranet computers.
Deeper project:
After the company's network administrator finds out what this employee is doing, it is necessary to write a "filter" that enhances the proxy's function to prevent such a tunnel from being established.
Idea: write this "filter" and place it between work and the proxy. That is: (a) each HTTP request from work is first checked by our "filter" and, if there is no problem, is sent on to the proxy; (b) the response from the proxy is also checked. If both are OK, the information is sent back to work. However, if either a or b has a problem, the tunnel is intercepted. For details about how to "check", refer to the HTTP RFC before processing the HTTP request and response (for example, if the URL in an HTTP GET request is too long or contains SSH characters, I can basically conclude that this request carries tunnel information; as long as it is intercepted, the tunnel is broken).
If you are interested, you can download the original code on my download page.
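A sketch of the filter's two checks (a) and (b) described above, as an added example that is not the original code offered for download. It assumes "SSH characters" means the SSH identification string defined in RFC 4253 (`SSH-2.0-...`); the 2048-byte URL limit, the function names and the sample messages are constructed for illustration.

```python
import re

MAX_URL_LEN = 2048  # assumed threshold; the page only says "too long"
# SSH identification string (RFC 4253, section 4.2), e.g. "SSH-2.0-OpenSSH_9.6"
SSH_BANNER = re.compile(rb"SSH-(?:1\.\d+|2\.0)-[\x21-\x7e]+")

def split_message(raw):
    """Split a raw HTTP message into (start_line, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    return head.split(b"\r\n", 1)[0], body

def check_request(raw):
    """Check (a): a request travelling from work to the proxy."""
    start_line, body = split_message(raw)
    parts = start_line.split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return ["malformed request line"]
    url, reasons = parts[1], []
    if len(url) > MAX_URL_LEN:
        reasons.append("URL too long")
    if SSH_BANNER.search(url) or SSH_BANNER.search(body):
        reasons.append("SSH identification string in request")
    return reasons

def check_response(raw):
    """Check (b): a response travelling from the proxy back to work."""
    start_line, body = split_message(raw)
    if not start_line.startswith(b"HTTP/"):
        return ["malformed status line"]
    if SSH_BANNER.search(body):
        return ["SSH identification string in response"]
    return []

def allow(request, response):
    """Pass the exchange only when both checks come back clean."""
    return not check_request(request) and not check_response(response)

# Constructed sample traffic (not captured from a real network).
NORMAL_REQ = b"GET http://example.com/index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"
NORMAL_RESP = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>ok</html>"
TUNNEL_REQ = (b"POST http://home.example/t HTTP/1.1\r\nHost: home.example\r\n"
              b"Content-Length: 21\r\n\r\nSSH-2.0-OpenSSH_9.6\r\n")
TUNNEL_RESP = b"HTTP/1.1 200 OK\r\nContent-Length: 21\r\n\r\nSSH-2.0-OpenSSH_9.6\r\n"

if __name__ == "__main__":
    for name, req, resp in [("normal", NORMAL_REQ, NORMAL_RESP),
                            ("tunnel", TUNNEL_REQ, TUNNEL_RESP)]:
        print(name, "allowed" if allow(req, resp) else "blocked",
              check_request(req) + check_response(resp))
```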