Anti-Hacker Tool Kit Chapter 13 Port Redirection Roy Chang Information Networking Security and Assurance LAB Department of Communications Engineering National Chung Cheng University
Introduction Listen on a port Client/Server method WEB FTP SSH SMTP
Port Redirection
DataPipe Pass TCP/IP traffic tapipe/datapipe.c
Fpipe Out band source port and UDP support Port:4433 Port:5678 Port:80
Port Hopping- Local Redirection C:\fpipe –l 1234 –r 80 localhost./datapipe localhost Host
Port Hopping- Client Redirection Spork, IIS exploit code on Port 80 IIS Port C:\fpipe –l 80 –r 7070./datapipe
Port Hopping- Dual Redirection fpipe –l 1433 –r 25 Host AHost BHost CHost D./datapipe SQLFTP+mail
Summary Host security Ingress filter Allow what you want Deny all Egress filter Proxy firewall
Reference RFC 1700