Giter Site home page Giter Site logo

toh's Introduction

ToH (TCP over HTTP)

简介

将 TCP 流量封装到 HTTP 中,从而隐藏网站管理服务,减少被攻击的风险。

用法

需要 nodejs。

服务端:

toh -s http-port

客户端:

toh -c local-port url remote-port

演示

服务端:

./toh -s 8080

客户端:

./toh -c 10022 http://server-ip:8080 22

客户端测试:

ssh 127.0.0.1 -p 10022

应用

本程序不提供认证、加密、日志等功能,所以最好不要运行在公网上,而是通过已有的 Web 服务进行转发,例如 nginx:

server {
  server_name                 mysite.com;
  listen                      443 ssl;

  ssl_certificate             mysite.com.cer;
  ssl_certificate_key         mysite.com.key;

  # ...

  location = /ssh-xxxx {
    proxy_pass                http://unix:/tmp/toh.sock;
    proxy_http_version        1.1;
    proxy_set_header          Upgrade $http_upgrade;
    proxy_set_header          Connection upgrade;
    proxy_buffering           off;
    proxy_request_buffering   off;
  }
}

服务端:

rm -f /tmp/toh.sock
./toh -s /tmp/toh.sock

客户端:

./toh -c 10022 https://mysite.com/ssh-xxxx 22

xxxx 替换成随机字符串 (例如 uuidgen) 以防路径爆破。

将本程序运行为后台服务模式,即可删除服务器防火墙中的 SSH、远程桌面等私有运维服务的端口,对外只公开 Web 端口,减少被攻击的风险。查看更多

toh's People

Contributors

etherdream avatar

Stargazers

avatar Anne Thorpe avatar avatar 大阳 avatar Ghost in the Chair avatar Ubastic avatar frederich.liu avatar Alec Shan avatar avatar avatar Emo avatar avatar avatar Jun Liu avatar 乔戈里 avatar Liu Wenyuan avatar avatar avatar r4b3rt-isc avatar GAURAV avatar avatar ClarkQAQ avatar 李润泽 avatar alianhha avatar JXianSheng avatar Cloudflying avatar undefined avatar smallwhite avatar Dr. Awesome Doge avatar avatar Sw0rd avatar boring man avatar avatar l0cal avatar avatar ᴍᴏᴏɴD4ʀᴋ avatar tom0li avatar Roc木木 avatar Lynch Ye avatar Antares avatar avatar Helixcs avatar

Watchers

James Cloos avatar avatar TSX avatar avatar

Forkers

shivtga maincooss

toh's Issues

建议和讨论

文章写的很好,但个人感觉TCP over HTTP也不是没有缺点的。它在提升安全性的基础上一定程度的降低了可用性。

举例来说,如果前端反向代理服务器(如nginx)出现了异常(比如配置错误或被DoS了)无法处理请求,那么该服务器的管理端口(比如SSH)也就无法被访问了。这会导致管理员需要更长的时间来解决问题(比如联系服务器提供商从本地进行操作等)。

针对这个问题有什么解决办法吗?

./toh -s 8080

Centos8 kernel 4.18
./toh -s 8080

./toh: line 7: syntax error near unexpected token newline' ./toh: line 7: '

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.