Hello,
I'm trying to get a Samba share to be available via port forwarding. The established method for convincing Windows to allow the otherwise-protected port 139 to be forwarded is to create a loopback adapter (call it 10.0.0.1) and then forward port 139 from that to the port 139 on the Samba server.
Details available for the Truly Curious at:
[url= http://www.blisstonia.com/eolson/notes/smboverssh.php ]http://www.blisstonia.com/eolson/notes/smboverssh.php[/url]
Anyhow, this type of forwarding
Forward 10.0.0.1:139 to remote samba.server.ip.address port 139
works fine with putty, but seems to silently fail with Absolute Telnet (both versions 2.12 and 3.8). Is there a syntax of the forwarding command that allows me to forward "10.0.0.1:139"?
Thanks 🙂
-Nan
Nan,
I read the article you referred to. Very interesting. I've never considered that approach before, but it sounds like it should work. I've tunneled SMB through SSH before, but always had to disable local file sharing to do it. I'd never considered the virtual network adapter approach. Quite interesting. However, AbsoluteTelnet does not *currently* support specifying a particular adapter to bind to a specific port. I'll have to research this a little more.
Brian
Nan,
I've been doing some research on this and here's what I've come up with...
Previously, AbsoluteTelnet port forwarding would attach to the global port number, meaning it would listen to that port on ALL adapters. This doesn't work well for the type of port forwarding you are attempting. In fact, by listening on all adapters, you might be opening a big security hole. For example, if you set up a port to do http proxy forwarding, you might be making that forwarded port available to EVERYONE on your local net when you only meant to make it available for yourself.
AbsoluteTelnet 3.80RC8 addresses this issue by adding additional configuration options to the port forwarding setup. In the forwarding setup, when you select the port number, you can also choose to bind to a particular adapter. The default is 'ALL ADAPTERS', but you could also choose a specific adapter. Additionally, you could choose to bind to local loopback adapter '127.0.0.1' so Absolute will only forward requests made from your own client machine (more secure).
Currently, the list of adapters is queried from Windows and you must choose one from the dialog box when you setup the port. The currently implementation only works in SSH2. I'll have to port this back to SSH1 once we get the issues ironed out.
Monitoring of the activity of the ports can be done by watching 'Options->SSH INFO'. This will show you whether the forwarder was able to bind to the port and will register connection activity.
I've only implemented this recently, and I need some good testers to give it a thorough shakedown. Would you be interested in testing?
If so, you can download the new version here:
Thanks for your help and input!
Brian
Nan,
Did you get a chance to try this new version?
Brian
