Skip to main content

ssh tunnel on linux mechine

-- pertama --

base on tunneling on my previous post ( if you wanna see it)

-- next --
in my case, how to tunnel ssh connection is a must. ans this is the story..

-- basically --
all you need to know is the right formula. n the formula is


ssh -L localport:host:hostport user@ssh_server 

-- on check n jajal --

ssh -L 1122:1.2.3.4:22 user@brekele.inc 

the explanation is we make local port 1121. it redirect our connection to 1.2.3.4 on port 22 ( how simple it is)

--other option --
you can put -L more than one. maybe you wanna make tunnel to vnc port or another else


ssh -L 1122:1.2.3.4:22 -L 1123:1.2.3.4:5901 user@brekele.inc

source : www.linuxhorizon.ro

Comments

  1. hmm... using that method, could we prevent ssh downgrade attack from an mitm?

    ReplyDelete
  2. Actually SSH Port Forwarding & SSH Tunneling is a way to continue the connection to a port that is not normally encrypted via tunneling. This method is commonly used for many service ports that are not encrypted, for example: databases, http, svn, and other services on a system / computer.
    and to secure from attack, that's not enough with just one way. So keep watch

    ReplyDelete

Post a Comment

comment please ...

Popular posts from this blog

Webalizer - Statistik trafik/kunjungan web (ubuntu)

--goal--
make subdomain trafik statistik

--install--
run this command :
sudo apt-get install webalizeredit "/etc/apache2/apache2.conf" , set
HostnameLookups Off into :
HostnameLookups On
--1--
All we need is already prepared, now set log of vhost in "/etc/apache2/sites-enabled" to spesifict folder.
exp. $sudo vi /etc/apache2/sites-enabled/monitor CustomLog ${APACHE_LOG_DIR}/access.log into: CustomLog ${APACHE_LOG_DIR}/vhost/monitor/access.logrestart service
$sudo /etc/init.d/apache2 restart
--2--
create another file config of webalizer in /etc/webalizer
exp. vi /etc/webalier/monitor.conf
set the LogFile to apache2 logfile:
LogFile /var/log/apache2/vhost/monitor/access.log # apache log OutputDir /var/webalizer/monitor/ #webalizer report Incremental yes ReportTitle Usage statistics for HostName monitor.brekele.co.cc
--3--
create script to run webalizer via crontab
exp. vi /etc/webalizer/cron_job
#!/bin/bash echo "di jalankan pada: `date +"%d-%B-%Y %r"…

pgpoolAdmin, web interface for pgpool

--preparation--
next capter of pgpool from my last post ( here), now i wanna post about a tool that can manage pgpool from web interface called pgpoolAdmin. next... enjoy the post... ^_^

--1--
first we need to download pgpooladmin from here, extrak and copy or move to http directory( for exp : /var/www) 
$wget http://pgfoundry.org/frs/download.php/2964/pgpoolAdmin-3.0.3.tar.gz $tar zxvf pgpoolAdmin-3.0.3.tar.gz $sudo cp -Rf pgpoolAdmin-3.0.3 /var/www/test
 --2--
install pgpooladmin via web on: http://localhost/test/install


make sure owner of that file is "www-data"(of course have write akses) and check again



login with user that you create on /etc/pcp.conf (for more detail see my last post



and done.ya.. tooo.......!!!
 ^_^

send oracle 11g audit log to syslog server ( on other PC)

--preparation-- 
well...... this time i will write about syslog, and for this experiment what we need is :
- kiwi syslog server get from here and install it on your PC( i use xp for this server syslog)
- oracle db
- and of course, a cup of coffee is a must and other thing that make you relax and comfortable ( :p )

--scema--
first thing to do is redirect oracle audit log to syslog, and than from syslog send to syslog server( kiwi syslog)

--1--
 edit initSID.ora and add this folowing config :
create "/var/log/oracle/" firs
audit_file_dest='/var/log/oracle/' audit_trail='OS' AUDIT_SYSLOG_LEVEL=local1.warning after that edit /etc/syslog.conf, and add this folowing config :
#Save oracle rdbms audit trail to oracle_audit.log local1.warning /var/log/oracle/oracle_audit.log #Send oracle rdbms audit trail to remote syslog server local1.warning @1.1.1.1 #<= ip your syslog server--2--
restart syslog service with command :
/sbin/service syslog restart …