[lug] WRT54GL is snarfing ssh port-forwarded HTTP traffic

David L. Anselmi anselmi at anselmi.us
Sun Jun 10 19:44:49 MDT 2012


Jed S. Baer wrote:
>
> But just now, I monitored eth0 on host B. And it appears that B is
> reflecting the whole http session back out. And, the light dawns on me as
> I'm typing.
>
> ssh -L 10101:hostname:80 -p portnum user at hostname is wrong, should be
> ssh -L 10101:localhost:80 -p portnum user at hostname

Of course, that makes sense.  It would have worked if hostname resolved to eth0 on B.

> Of course, this makes me realize that my WRT is at least partially
> exposing its management interface on the internet side, and it'd be nice
> to turn that off. A gander through the options there isn't showing me any
> options I can disable that indicate such a thing.

Maybe not.  Even though hostname resolves to the WRT's external interface it might recognize the 
traffic as internal and present its web pages.  But it'd be worth checking from an external HTTP 
request.

Dave



More information about the LUG mailing list