Episode 100 - TCP Tunneling
The Backend Engineering Show with Hussein Nasser - A podcast by Hussein Nasser
Categories:
Tunneling protocol Tcp tunneling Tunneling is the process of encapsulating content from a protocol A into another protocol B, usually because protocol A is blocked or unavailable. In this video we will explain how TCP tunneling works, the applications of TCP tunnels and the pros and cons. Coming up! * TCP Tunneling * Applications * Pros and Cons TCP Tunneling Here is how TCP Tunneling works. Lets say your goal is to access a website that your ISP proxy blocks www.server2.com this is hosted on server2 on port 80. Lets say there is another Server1 that you have access to and Server1 have direct access to Server2. So if you can make Server1 make the request on your behave to Server2 and somehow deliver the results back to you, you just created a tunnel between You and Server1. Here is how it actually works. You create a legit tcp connection over a known protocol such as SSH between you and Server1. You then create a tcp packet that is intended for Sever2 so you tag it with Server2:80. Then you package that packet into another TCP packet intended for Server1! Huh ! Server1:22. You then forward the packet over, your ISP police will see that there is a packet intended to Server1 on port 22. Proxy approves and forwards it over not knowing that you are smuggling content in that packet. Also the proxy cant even look in the content because its encrypted with RSA. Server1 unpacks the package, decrypt and discover that its an other tcp packet. Here is where the shady stuff happen. Server1 now looks and see that the smuggled package is intended for Server2:80, created a connection and delivers the package it, it changes the source ip to its self and keeps track somehow of that. Once it receives the package it knows that this package has to go back to tunnel. The client now have access to the blocked site! What does this look like guys? Yes you guessed it its a VPN. It’s literally like smuggling content inside a package 📦 that looks legitimate. Server1 and Server2 can be the same server There are many types of tunneling Local port forwarding: Remote connection, Socks Proxy: forward pretty much anything (VPN) Reverse Tunneling : Expose local web server publically Applications VPN Securing an insecure connection Anonymity Bypass firewall SOCKS 4 proxy redirect all your traffic regardless of the port to an internal proxy instead which tunnels it. Dynamic port forwarding Pros Secure connection Access blocked services Anonymity Expose internal traffic Cons TCP meltdown (TCP over TCP) Slow retransmission Stateful Local port forwarding Just one app gets forwarded when the local port is requested Socks All apps goes through the proxy Http tunneling TCP VS UDP 1:00 11:00 OSI model 15:40 private vs public ip 18:35 proxy vs reverse proxy 24:30 TLS 11:20 local 16:20 reverse 20:40 socks