Archive for the ‘HTTP’ Category
Posted by jpluimers on 2020/05/04
Often, hotspots only allow http/https traffic. Other traffic – like SSH – is blocked. Nowadays, fewer hotspots block that, but too many still do.
So it can be worth a while to route your SSH server through HTTPS (I don’t like Web-based SSH that much as terminal emulation in browsers isn’t that well yet, but that seems to change rapidly, more on that in the “Further reading” section below).
After some background reading at apache – Tunnel over HTTPS – Stack Overflow, here are a few links that help you do it:
You need:
- An internet connected Apache server (eg. with IP address 10.1.2.3)
- A FQDN that points to this IP address (eg. ssh.yourdomain.com)
- A virtual host configuration in Apache for this domain (eg. /etc/httpd/conf.d/ssh.yourdomain.com.conf)
- A configuration to adapt ssh to use the HTTP tunnel
Read more at DAG: Tunneling SSH over HTTP(S) and SSH over SSL, a quick and minimal config..
Steps:
- Test of it works at all
- Edit your local ~/.ssh/config file to redirect SSH to HTTPS
Read more at Using SSH over the HTTPS port · GitHub Help.
Using Putty and an HTTP proxy to ssh anywhere through firewalls | Me in IT.
the Digital me: SSH Tunneling Proxy using Putty on Windows and Linux (Unblock YouTube / Orkut / Facebook).
Tunneling SSH through HTTP proxies using HTTP Connect – ArchWiki.
HTTP Tunneling – ArchWiki.
Running SSHD on port 443.
Not all proxy configurations and hotspots support this. But it might be worth a look: SSH Over Proxy.
SSH plugins for browsers:
Web based SSH:
–jeroen
Posted in Communications Development, Development, Encryption, HTTP, https, HTTPS/TLS security, Internet protocol suite, Power User, Security, SSH, TCP | Leave a Comment »
Posted by jpluimers on 2020/02/27
Cool tool, but be aware it does aJavaScript:xmlhttpPost from , so your data can be logged [WayBack] Redirect Detective – A Free Tool To Trace Where Redirects End Up.
For http://www.xs4all.nl/~jp, it shows these redirects (where in bold I’ve listed the changes):
Oh and it runs this call: JavaScript:xmlhttpPost("/linkdetect.px")?word=www.xs4all.nl%2F%7Ejp from [WayBack] redirectdetective.com/ajax.js.
Note that this shows more redirects than the plain http ones, so wget from [WayBack] wget – How do I display all URLs in a redirect chain? – Unix & Linux Stack Exchange shows this:
$ wget http://www.xs4all.nl/~jp 2>&1 | grep Location:
Location: https://www.xs4all.nl/~jp [following]
Location: https://jp.home.xs4all.nl/ [following]
–jeroen
Posted in *nix, *nix-tools, Communications Development, Development, HTTP, Internet protocol suite, Power User, TCP, wget | Leave a Comment »
Posted by jpluimers on 2019/05/21
Since many HTTP stacks do not have fields for this so it’s hard to get the originating IP address:
It is about these HTTP header fields with and without X- prefix:
ForwardedX-Forwarded-ForX-Forwarded-ByX-Forwarded-Proto
Note that widely used tools like HAProxy do not always fully adhere to the “standard”…
Via:
–jeroen
Posted in Communications Development, Development, HTTP, Internet protocol suite, Software Development, TCP | Leave a Comment »
Posted by jpluimers on 2019/02/21
From the geek fun department: [WayBack] IP over Avian Carriers – Wikipedia.
I learned through this slightly after the fight to keep HTTP status code 418 (I’m a teapot) which is part of RFC2324 released on April 1st, 1998.
The IP over Avian Carriers is part of three RFCs, all released on April 1st in various years:
–jeroen
via: Http-statuscode ‘I’m a teapot’ is voorlopig veilig – IT Pro – .Geeks – Tweakers
Posted in Communications Development, Development, Fun, Geeky, HTTP, Internet protocol suite, Software Development, TCP | Leave a Comment »
Posted by jpluimers on 2019/01/16
With the advent of WebSockets, it looks like TCP tunnels over HTTP/HTTPS are gaining more ground and I need to put some research time in them.
Some old to new links:
CONNECT requests are not supported by many HTTP proxies, especially in larger organisations, so chisel and crowbar have a much bigger chance there.
And of course there is SoftEtherVPN/SoftEtherVPN: A Free Cross-platform Multi-protocol VPN Software. * For support, troubleshooting and feature requests we have http://www.vpnusers.com/. For critical vulnerability please email us. (mail address is on the header.).
However, that is a VPN solution which is much broader than just a single TCP tunnel. You can so similar things with OpenVPN, but over HTTP/HTTPS, also requires CONNECT:
SoftEtherVPN seems to be more versatile though. I blogged about that before, but back then didn’t have needs for it yet. VPN over HTTPS: Ultimate Powerful VPN Connectivity – SoftEther VPN Project.
–jeroen
via: [WayBack] VPN through only http – Server Fault answer by [WayBack] neutrinus
Posted in Communications Development, Development, HTTP, https, Internet protocol suite, Network-and-equipment, OpenVPN, Power User, TCP, VPN, WebSockets, Windows-Http-Proxy | Leave a Comment »
Posted by jpluimers on 2019/01/15
Though the Google Calendar UI does not support EXRULE and EXDATE to exclude certain slots (via dates or rules) from recurring events.
The API supports them: [WayBack] Google Calendar API, RRULE and EXDATE – Stack Overflow
–jeroen
Posted in Communications Development, Development, Google, GoogleCalendar, HTTP, Internet protocol suite, Power User, REST, TCP | Leave a Comment »
Posted by jpluimers on 2018/11/08
Based on:
- Download the most recent x64 Apache binaries for Windows from [WayBack] Apache VC15 binaries and modules download (at the time of writing: https://www.apachelounge.com/download/VC15/binaries/httpd-2.4.34-win64-VC15.zip )
- Extract recursively to
D:\bin
- Run the UltrawareController locally
- Run
D:\bin\httpd-2.4.34-win64-VC15\Apache24\bin\ab.exe -n 1000 -c 10 http://localhost:8000/foo
This will run the ab Apache benchmark tool with 1000 connections using 10 threads all doing the same http GET request at http://localhost:8000/foo
If you want to test TLS (https) connections, then you need to use the abs tool in the same directory as the ab tool supports http-only (when you still try, you get the message SSL not compiled in; no https support as explained in [WayBack] Add https support to Apache Bench on Windows – Stack Overflow).
Download location via [WayBack] windows – Is there any link to download ab Apache benchmark – Stack Overflow:
There are many more command-line parameters documented at [WayBack] ab – Apache HTTP server benchmarking tool – Apache HTTP Server Version 2.4, this is the summary:
Synopsis
ab [ -A auth-username:password ] [ -b windowsize ] [ -B local-address ] [ -c concurrency ] [ -Ccookie-name=value ] [ -d ] [ -e csv-file ] [ -f protocol ] [ -g gnuplot-file ] [ -h ] [ -Hcustom-header ] [ -i ] [ -k ] [ -l ] [ -m HTTP-method ] [ -n requests ] [ -p POST-file ] [ -Pproxy-auth-username:password ] [ -q ] [ -r ] [ -s timeout ] [ -S ] [ -t timelimit ] [ -Tcontent-type ] [ -u PUT-file ] [ -v verbosity] [ -V ] [ -w ] [ -x <table>-attributes ] [ -Xproxy[:port] ] [ -y <tr>-attributes ] [ -z <td>-attributes ] [ -Z ciphersuite ] [http[s]://]hostname[:port]/path
Via: [WayBack] apache – ab load testing – Stack Overflow
––jeroen
Posted in Communications Development, Development, HTML, HTTP, Internet protocol suite, Software Development, Web Development | Leave a Comment »
The Wiert Corner - irregular stream of stuff 