Monday, February 28, 2005

Bypassing corporate VPNs

A great tool called rinetd, the internet redirection server, comes in handy when you want to forward traffic on a particular TCP port to other machines (they might not even be on your network).
It redirects TCP connections from one IP address and port to another. rinetd is a single-process server which handles any number of connections to the address/port pairs specified in the file /etc/rinetd.conf. Since rinetd runs as a single process using nonblocking I/O, it is able to redirect a large number of connections without a severe impact on the machine. This makes it practical to run TCP services on machines inside an IP masquerading firewall.
You can use this port traffic forwarder to bypass corporate VPNs. For example, consider:

[arbitrary computer] --> [laptop on home DSL connected via VPN to office network] --> [office network]

If you set up the rinetd port forwarding server on your laptop, you could give access to the office network to anyone who doesn't have VPN (albeit only on a predetermined IP and port). The laptop has to be publicly accessible. This might mean simply opening up a port on your home router.
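A defender's check for the setup described above, as an added example that is not part of the original post: it parses classic `rinetd.conf` forwarding rules and flags any that listen on a non-loopback address and relay to private address space. The sample configuration, its addresses and hostname, and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in classic rinetd.conf syntax:
#   bindaddress bindport connectaddress connectport
SAMPLE_CONF = """\
# constructed example, not from the original post
logfile /var/log/rinetd.log
allow 203.0.113.*
0.0.0.0 8080 10.20.30.40 80
127.0.0.1 2222 10.20.30.41 22
192.168.1.5 8443 intranet.example.internal 443
"""

# Non-forwarding directives that are skipped by this audit.
DIRECTIVES = {"allow", "deny", "logfile", "logcommon"}

def parse_rules(text):
    """Yield (lineno, bind_addr, bind_port, dst_addr, dst_port) per rule."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments
        if len(fields) < 4 or fields[0] in DIRECTIVES:
            continue
        yield (lineno, *fields[:4])

def is_internal(host):
    """True/False for IP literals, None for hostnames (not resolved offline)."""
    try:
        return ipaddress.ip_address(host).is_private
    except ValueError:
        return None

def audit(text):
    """Return rules that expose a private target on a non-loopback listener."""
    findings = []
    for lineno, baddr, bport, daddr, dport in parse_rules(text):
        try:
            loopback_only = ipaddress.ip_address(baddr).is_loopback
        except ValueError:
            loopback_only = False
        if loopback_only:
            continue                      # only reachable from the host itself
        internal = is_internal(daddr)
        if internal is False:
            continue                      # relays to a public address
        reason = "internal target" if internal else "unresolved hostname target"
        findings.append((lineno, f"{baddr}:{bport} -> {daddr}:{dport}", reason))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
```

Run against `/etc/rinetd.conf` collected from VPN-capable endpoints, a non-empty result marks a host that may be relaying outside connections into the office network.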


Copyright Anand Jain 2004, 2005. All rights reserved.