Reverse Proxy into Linux via SSH

Instructions to establish a reverse SSH proxy on server startup. Useful for setting up a server behind gateways/firewalls.   Install SSH keys on the remote and local server. Note the command should work independently before setting up as a service.

On the remote server you can login via the tunnel

  Create a service[…]

Heartbleed – OpenSSL Application Source Code Example

[perl] /* * CVE-2014-0160 heartbleed OpenSSL information leak exploit * ========================================================= * This exploit uses OpenSSL to create an encrypted connection * and trigger the heartbleed leak. The leaked information is * returned within encrypted SSL packets and is then decrypted * and wrote to a file to annoy IDS/forensics. The exploit can * set[…]

Heart Bleed – Exploit Example Code

If you need to test your server for the vulnerability, here is a simple Python script… [python] #!/usr/bin/python import sys import struct import socket import time import select import re from optparse import OptionParser options = OptionParser(usage=’%prog server [options]’, description=’Test for SSL heartbeat vulnerability (CVE-2014-0160)’) options.add_option(‘-p’, ‘–port’, type=’int’, default=443, help=’TCP port to test (default: 443)’)[…]

Setting up SSH public/private keys

Setting up SSH public/private keys SSH (Secure Shell) can be set up with public/private key pairs so that you don’t have to type the password each time. Because SSH is the transport for other services such as SCP (secure copy), SFTP (secure file transfer), and other services (CVS, etc), this can be very convenient and[…]