15 min listen
Episode 100 - TCP Tunneling
Episode 100 - TCP Tunneling
ratings:
Length:
31 minutes
Released:
Jun 29, 2019
Format:
Podcast episode
Description
Tunneling protocol
Tcp tunneling
Tunneling is the process of encapsulating content from a protocol A into another protocol B, usually because protocol A is blocked or unavailable. In this video we will explain how TCP tunneling works, the applications of TCP tunnels and the pros and cons. Coming up!
* TCP Tunneling
* Applications
* Pros and Cons
TCP Tunneling
Here is how TCP Tunneling works.
Lets say your goal is to access a website that your ISP proxy blocks www.server2.com this is hosted on server2 on port 80. Lets say there is another Server1 that you have access to and Server1 have direct access to Server2. So if you can make Server1 make the request on your behave to Server2 and somehow deliver the results back to you, you just created a tunnel between You and Server1.
Here is how it actually works.
You create a legit tcp connection over a known protocol such as SSH between you and Server1. You then create a tcp packet that is intended for Sever2 so you tag it with Server2:80. Then you package that packet into another TCP packet intended for Server1! Huh ! Server1:22. You then forward the packet over, your ISP police will see that there is a packet intended to Server1 on port 22. Proxy approves and forwards it over not knowing that you are smuggling content in that packet. Also the proxy cant even look in the content because its encrypted with RSA. Server1 unpacks the package, decrypt and discover that its an other tcp packet. Here is where the shady stuff happen. Server1 now looks and see that the smuggled package is intended for Server2:80, created a connection and delivers the package it, it changes the source ip to its self and keeps track somehow of that. Once it receives the package it knows that this package has to go back to tunnel. The client now have access to the blocked site! What does this look like guys? Yes you guessed it its a VPN.
It’s literally like smuggling content inside a package ? that looks legitimate.
Server1 and Server2 can be the same server
There are many types of tunneling
Local port forwarding: Remote connection,
Socks Proxy: forward pretty much anything (VPN)
Reverse Tunneling : Expose local web server publically
Applications
VPN
Securing an insecure connection
Anonymity
Bypass firewall
SOCKS 4 proxy
redirect all your traffic regardless of the port to an internal proxy instead which tunnels it. Dynamic port forwarding
Pros
Secure connection
Access blocked services
Anonymity
Expose internal traffic
Cons
TCP meltdown (TCP over TCP)
Slow retransmission
Stateful
Local port forwarding
Just one app gets forwarded when the local port is requested
Socks
All apps goes through the proxy
Http tunneling
TCP VS UDP 1:00
11:00 OSI model
15:40 private vs public ip
18:35 proxy vs reverse proxy
24:30 TLS
11:20 local
16:20 reverse
20:40 socks
Tcp tunneling
Tunneling is the process of encapsulating content from a protocol A into another protocol B, usually because protocol A is blocked or unavailable. In this video we will explain how TCP tunneling works, the applications of TCP tunnels and the pros and cons. Coming up!
* TCP Tunneling
* Applications
* Pros and Cons
TCP Tunneling
Here is how TCP Tunneling works.
Lets say your goal is to access a website that your ISP proxy blocks www.server2.com this is hosted on server2 on port 80. Lets say there is another Server1 that you have access to and Server1 have direct access to Server2. So if you can make Server1 make the request on your behave to Server2 and somehow deliver the results back to you, you just created a tunnel between You and Server1.
Here is how it actually works.
You create a legit tcp connection over a known protocol such as SSH between you and Server1. You then create a tcp packet that is intended for Sever2 so you tag it with Server2:80. Then you package that packet into another TCP packet intended for Server1! Huh ! Server1:22. You then forward the packet over, your ISP police will see that there is a packet intended to Server1 on port 22. Proxy approves and forwards it over not knowing that you are smuggling content in that packet. Also the proxy cant even look in the content because its encrypted with RSA. Server1 unpacks the package, decrypt and discover that its an other tcp packet. Here is where the shady stuff happen. Server1 now looks and see that the smuggled package is intended for Server2:80, created a connection and delivers the package it, it changes the source ip to its self and keeps track somehow of that. Once it receives the package it knows that this package has to go back to tunnel. The client now have access to the blocked site! What does this look like guys? Yes you guessed it its a VPN.
It’s literally like smuggling content inside a package ? that looks legitimate.
Server1 and Server2 can be the same server
There are many types of tunneling
Local port forwarding: Remote connection,
Socks Proxy: forward pretty much anything (VPN)
Reverse Tunneling : Expose local web server publically
Applications
VPN
Securing an insecure connection
Anonymity
Bypass firewall
SOCKS 4 proxy
redirect all your traffic regardless of the port to an internal proxy instead which tunnels it. Dynamic port forwarding
Pros
Secure connection
Access blocked services
Anonymity
Expose internal traffic
Cons
TCP meltdown (TCP over TCP)
Slow retransmission
Stateful
Local port forwarding
Just one app gets forwarded when the local port is requested
Socks
All apps goes through the proxy
Http tunneling
TCP VS UDP 1:00
11:00 OSI model
15:40 private vs public ip
18:35 proxy vs reverse proxy
24:30 TLS
11:20 local
16:20 reverse
20:40 socks
Released:
Jun 29, 2019
Format:
Podcast episode
Titles in the series (100)
Episode 01 - Sync vs aSync by The Backend Engineering Show with Hussein Nasser