[lug] WRT54GL is snarfing ssh port-forwarded HTTP traffic
David L. Anselmi
anselmi at anselmi.us
Sun Jun 10 19:44:49 MDT 2012
Jed S. Baer wrote:
>
> But just now, I monitored eth0 on host B. And it appears that B is
> reflecting the whole http session back out. And, the light dawns on me as
> I'm typing.
>
> ssh -L 10101:hostname:80 -p portnum user at hostname is wrong, should be
> ssh -L 10101:localhost:80 -p portnum user at hostname
Of course, that makes sense. It would have worked if hostname resolved to eth0 on B.
> Of course, this makes me realize that my WRT is at least partially
> exposing its management interface on the internet side, and it'd be nice
> to turn that off. A gander through the options there isn't showing me any
> options I can disable that indicate such a thing.
Maybe not. Even though hostname resolves to the WRT's external interface it might recognize the
traffic as internal and present its web pages. But it'd be worth checking from an external HTTP
request.
Dave
More information about the LUG
mailing list