Recently, I debugged the public account function. when receiving the push, I didn't want to submit it to the server to view the log every time. so I used the reverse proxy of Nginx to forward the requests received by Port 80 on the server to 127.0.0.1: 9000 and then use ssh to build a tunnel to set the server's 9000... I recently debugged the public account function and didn't want to submit it to the serve
the company's intranet computers.
Deeper project:
After the company's system network administrator finds this line of employee, it is necessary to write a "filter" to enhance the proxy function to prevent the establishment of such tunnel.
Idea: Write this "filter" and place it between work and proxy, that is to say, work HTTP request a: First receive our "fil
result after the combination of the user name and password, that is, the username: Password is base64-encoded.
In fact, encoding is meaningless to security. base64 cannot be regarded as encrypted in strict sense. Currently, encryption of keys is not required in the era of information security.AlgorithmThe encoding method is more appropriate. The user name and password can be obtained immediately after such a package is captured.
HTTP/1.0 200 connection established
After receiving the rece
External network access test machine.The Windows machine uses SSH to reverse tunnel. Service side using reverse proxy
Install Openssh-win and set environment variables under win
Open cmdC:\users\administrator>ssh-p 22-r 1999:localhost:8080-b 0.0.0.0 [email protected]-R 1999 Port of the remote machine-B External network segment monitoring, no 127.0.0.1 monitoring8080 Native portThis way, the 199
Recently debug public number function, do not want to submit to the server every time to read the log
So on the server with the Nginx reverse proxy to the server 80 port received the request forwarded to the 127.0.0.1:9000
Then using SSH to tunnel the server 9000 port mapped to my local development machine 80
SSH Tunnel Reference http://my.oschina.net/magicly007
, and when it receives a request sent from a client, it processes the request as if it were a resource server that owns the resource. Sometimes the client is unaware that its communication target is a gateway.(2), CharacteristicsGateways work in a very similar mechanism to proxies. The gateway enables the server on the communication line to provide non-HTTP protocol services.Using a gateway can improve the security of the communication because it can be encrypted on the communication line betwee
1. Create tunnel on the server using SSHSSH 10080 -f-c-q-n [email protected]112.34. 113.35 -D: Let SSH on the specified port (1025-65536-----n:tells SSH That no command would be sent once the tunnel is up# the last specified is the SSH user and the currently established tunnel server IPRun in the background after execution, you can view the process through PS2.
HTTP communication, in addition to the client and the server, there are some applications for communication data forwarding, such as proxies, gateways, tunnels. Work with the server.
Agent
Forwarding function, there can be multiple proxies between the client and the server.
Cache Proxy: reduce server pressure,Transparent proxy: Do not make any changes to the message processingNon-
0. PrefaceNC is a good tool for both ends of the network connection, but also a temporary port forwarding. (What is the permanent port forwarding?) With Iptables)SSH is also a good tool in this area, the advantage is that encryption is reliable reusable at one end of the operation, at the cost of having a login account.We know that SSH automatically encrypts and decrypts all network data between the SSH client and the server. However, SSH also provides a very useful feature, which is port forwar
Target machine: A IP is 192.168.2.150 (intranet IP) a.xxx.x.xx (extranet IP)Springboard machine: B IP for 192.168.2.151 (intranet IP) b.xxx.xx.xx (extranet IP)The target machine is not linked directly, the task now is how to connect to the target machine.1,securecrt LinksThis method is used SSH, first linked to the springboard machine ssh a.xxx.x.xxThen from the springboard to the target machine ssh 192.168.2.1512, how to use WINSCP link in this way? This is the purpose of writing an article.(1)
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.