(How Set Up a Reverse SSH Tunnel)

{ Reverse SSH Tunnel, ssh -R, ssh -p, netstat -a }

1. Reverse SSH Tunnel Scenario
   • Let's assume that your job is located 30 miles away from your home.
   • Wouldn't it be horrible if your work or school did not have a VPN for you to remotely login and do work in this day an age.
   • Let's further assume you have some sort of deadline (executive report / school project).
   • So, the below picture illustrates how a person could establish a reverse sshe tunnel from work server (BackTrack) to their home server (Ubuntu).

2. Pre-Requisite Lab
   1. BackTrack: Lesson 1: Installing BackTrack 5 R1
   2. BackTrack: Lesson 8: Configuring the SSH Server
   3. Ubuntu: Lesson 1: Installing Ubuntu Desktop 12.04 LTS
   4. Ubuntu: Lesson 8: Installing and Securing openssh-server (a.k.a., sshd)
   
   
3. Lab Notes
   • In this lab we will do the following:
     1. Create and Configure a Putty SSH Tunnel
     2. Configure Firefox SOCK Proxy
     3. Test if traffic is still blocked
   
   
4. Legal Disclaimer
   • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
   • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
   • In addition, this is a teaching website that does not condone malicious behavior of any kind.
   • You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
   • © 2014 No content replication of any kind is allowed without express written permission.

1. Start Ubuntu 12.04
   • Instructions
     1. For Windows 7
        • Start --> All Programs --> VMware Player
     2. For Windows XP
        • Starts --> Programs --> VMware Player
   • 

    

2. Verify Virtual Machine Settings.
   • Instructions
     1. Click on Ubuntu 12.04
     2. Click on Edit virtual machine settings
   • 

    

3. Configure Network Adapter
   • Instructions
     1. Click on Network Adapter
     2. Click on the Bridged Radio Button
     3. Click on the Close Button
   • 

    

4. Start the Ubuntu 12.04 VM
   • Instructions
     1. Click on Ubuntu 12.04
     2. Click on Play virtual machine
   • 

1. Change to Gnome Classic
   • Instructions:
     1. Click on the Circle
   • 

    

2. Select Gnome Classic
   • Instructions:
     1. Double Click on GNOME Classic
   • 

    

3. Login to Server
   • Instructions
     1. User: Student
     2. Password: Please supply the student password.
   • 

1. Start up a Terminal
   • Instructions
     1. Click on the Terminal
   • 

    

2. Become Root
   • Instructions
     1. sudo su -
     2. Supply the student password.
   • 

    

3. Verify you have a network connection
   • Instructions
     1. ifconfig -a
        • eth0 is the name of my interface.
        • 192.168.1.111 is my network IP address.
   • Notes
     • If you do not have an DHCP IP Address try the following:
       • dhclient
         • OR
       • /etc/init.d/networking restart
   • 

1. Start Ubuntu 12.04
   • Instructions
     1. For Windows 7
        • Start --> All Programs --> VMware Player
     2. For Windows XP
        • Starts --> Programs --> VMware Player
   • 

    

2. Edit BackTrack Virtual Machine Settings
   • Instructions:
     1. Highlight BackTrack5R1
     2. Click Edit virtual machine settings
   • 

    

3. Edit Network Adapter
   • Instructions:
     1. Highlight Network Adapter
     2. Select Bridged
     3. Do not Click on the OK Button.
   • 

1. Start BackTrack VM Instance
   • Instructions:
     1. Start Up VMWare Player
     2. Select BackTrack5R1
     3. Play virtual machine
   • 

    

2. Login to BackTrack
   • Instructions:
     1. Login: root
     2. Password: toor or <whatever you changed it to>.
   • 

    

3. Bring up the GNOME
   • Instructions:
     1. Type startx
   • 

1. Open a console terminal
   • Instructions:
     1. Click on the console terminal
   • 

    

2. Get IP Address
   • Instructions:
     1. ifconfig -a
   • Notes(FYI):
     1. As indicated below, my IP address is 192.168.1.112.
     2. Please record your IP address.
   • 

    

3. Start the SSH Server
   • Instructions:
     1. service ssh start
     2. ps -eaf | grep -v grep | grep sshd
   • Notes(FYI):
     1. Starting SSH server might not be necessary for other versions of BackTrack.  By default BK5R1, the SSH Server does not start by default.
     2. ps -eaf, Show all processes on the syste
     3. grep -v grep, do not display the actual process grep.
     4. grep ssh, display only the sshd process
   • 

1. Clear known_hosts
   • Instructions: (On BackTrack)
     1. cat /dev/null > /root/.ssh/known_hosts
   • Notes(FYI):
     1. This step is not necessary.
     2. This step is done to prevent any known_hosts warnings for the purposes of the lesson.
   • 

    

2. Create Reverse SSH Tunnel
   • Instructions:
     1. ssh -R 14433:localhost:22 student@192.168.1.111
     2. yes
     3. Supply the student password to the Ubuntu VM.
   • Notes(FYI):
     1. Replace 192.168.1.111 with your Ubuntu IP address obtain from (Section 3, Step 3).
     2. "-R" - This option provides the REVERSE tunnel.  It specifies that the given port on the remote server is to be forwarded to the given host and port on the local side.
     3. "14433" - Is the port that we will use on TargetUbuntu02 (Outside Internet server) to connect back to TargetUbuntu01 (Internal server).
     4. "22" - Is the ssh port that we changed to port 14433.
     5. "student@192.168.1.111"
        • "student" - This is the username you are connecting to Ubuntu as.
        • "192.168.1.111" - This is the IP address of Ubuntu.  Remember in a real world scenario, Ubuntu would be a server on the Internet OR maybe port forwarded on a home router.
   • 

1. See Established Reverse SSH Tunnel
   • Instructions: (On Ubuntu)
     1. netstat -naop | grep "192.168.1.112"
     2. ps -eaf | grep -v grep | grep 3413
   • Notes(FYI):
     1. Replace 192.168.1.112 with your BackTrack IP obtain from (Section 6, Step 2).
     2. Replace the Process ID (3413) obtain from your netstat output.
   • 

1. Clear known_hosts
   • Instructions: (On Ubuntu)
     1. cat /dev/null > /root/.ssh/known_hosts
   • Notes(FYI):
     1. This step is not necessary.
     2. This step is done to prevent any known_hosts warnings for the purposes of the lesson.
   • 

    

2. Connect to Reverse SSH Tunnel
   • Instructions:
     1. ssh -p 14433 student@localhost
     2. yes
     3. Supply student password to the BackTrack VM.
   • Notes(FYI):
     1. "-p" - This option says use port 14433
     2. "student@localhost"
        • "student" - You are connecting back to BackTrack as username student.
        • "localhost" - You connect to the localhost, since you have a session already established on port 14433.
   • 

    

3. Connect to Reverse SSH Tunnel
   • Instructions:
     1. hostname
   • Notes(FYI):
     1. hostname - show or set the system's host name
     2. You are now logged on the BackTrack VM.
   • 

    

1. Proof of Lab (On Ubuntu)
   • Notes(FYI):
     1. Replace 192.168.1.111 with your Ubuntu IP address obtain from (Section 3, Step 3).
   • Instructions:
     1. netstat -nao | grep -v grep | grep "192.168.1.111"
     2. ps -eaf | grep -v grep | grep "192.168.1.111"
     3. date
     4. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • e.g., echo "John Gray"
   • Proof of Lab Instructions:
     1. Do a PrtScn
     2. Paste into a word document
     3. Upload to Moodle
   •