Changes

OPS235 Lab 7 - CentOS7

65 bytes added, 09:14, 5 May 2015

no edit summary

# You will be working with the 2nd scenario of bypassing a firewall that blocks http traffic.

# In this investigation centos1 will be your http server and centos2 will be your client.

# On the HTTP server make sure the Apache web server is installed by typing the command: <code>rpm -q httpd</code>

# If it is installed check the configuration of the service to see if it is automatically started at any runlevels by using the <code>chkconfig h</code> command.

# If it has not been started automatically start the service using the '''service''' command.

# On '''centos2''' confirm that the httpd service is stopped so it cannot interfere with your observations.

# The next step is to establish a tunnel. When you establish a tunnel you make an ssh connection to a remote host and open a new port on the local host. That local host port is then connected to a port on the remote host through the established tunnel. When you send requests to the local port it is forwarded through the tunnel to the remote port.

# Establish a tunnel using a local port on centos2 of 20808, that connects to the remote port on '''centos1''' of 80, using the following command on '''centos2''': <code>ssh -L 20808:centos1:80 user@centos1</code> '''Note:''' The '''-L''' option (which means Local port) takes one argument: <local-port>:<connect-to-host>:<connect-to-port> The command basically connects your local port of 20808 to the remote port of 80 on '''centos1'''. This means all requests to 20808 on the localhost ('''centos2''') are actually tunnelled through your ssh connection to port 22 on '''centos1''' and then delivered to port 80 on '''centos1''', bypassing the firewall.

# >Once the tunnel is established use '''netstat''' to verify the port 20808 is listening on '''centos2'''

# Now using the browser on '''centos2''' connect to http://localhost:20808

Msaul

Administrators

13,420

edits

CDOT Wiki β

Changes

OPS235 Lab 7 - CentOS7

CDOT Wiki ^β