
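As computer technology has advanced, remote access has evolved from Telnet into a diverse set of remote services, including file transfer, phone calls, screen recording built into remote-access software, and even AR support. Remote connection technology keeps getting more powerful. Here I briefly introduce the characteristics of the various remote access methods and some advanced ways to use them.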

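Telnet: the simplest remote access technology, using TCP 23. On the server side, you only need to enable the Telnet service and the related settings (such as IP configuration, a firewall allow rule, and authentication) to serve Telnet clients.

For the server, Telnet is about the most convenient option to set up. However, in the Telnet era network connection technology was still in its infancy, and there was not yet a clear concept of encrypting data / signals in transit. As of 2020 it still sees a certain amount of use.

SSH: the secure version of Telnet, using TCP 22. As of 2020 it is still widely used. Most SSH use is still CLI-based.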

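Windows RDP / VNC: unless the Windows version is very old, RDP should be built in. It has some things in common with VNC, such as supporting GUI remote connections and using IP-address-based parameters as the main way to connect.

Application software: TeamViewer. It uses an ID-based parameter as the main way to connect, which differs from RDP / VNC. For example, when two hosts are about to set up a remote connection but one of them sits on an internal network behind NAT, it is hard for the other host to reach it remotely by IP address.

TeamViewer can be said to solve this problem perfectly. Once started, the software automatically sends a registration request to the TeamViewer server; the server then takes the host information sent by the client software, possibly uses some algorithm to derive an ID, and assigns it permanently to your host. For most firewalls, inside-to-outside traffic is usually treated as trusted, and the reverse as untrusted.

So far I can think of only one small drawback of TeamViewer, and it is one that RDP / VNC can handle: a network that is completely isolated from the Internet. TeamViewer always runs over the Internet, whereas RDP / VNC run over an IP network only.

Application software: Cisco Webex Meetings. It uses a URL as the main way to connect. It is somewhat similar to TeamViewer in that it also runs over the Internet, but it was originally a commercial product; Cisco has since released a free edition.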


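As soon as the other party opens my link, the remote connection can start. Of course, I (the host) must first "start the meeting" for the link to mean anything to the participants. The difference from TeamViewer is that TeamViewer's remote view is screen-based, while Cisco Webex Meetings is application-based.

In other words, with Cisco Webex Meetings you can choose which view to share, for example a presentation file, a browser, or Outlook.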

Finally, a small addendum about plaintext SSH packets. This is normal, encrypted SSH data:

messageImage_1582780511820.jpg

This is plaintext SSH data, produced through certain techniques:

messageImage_1582780515623.jpg

For an explanation of the principle and a demonstration by the author, search YouTube for the keywords 「[Chin] 明文的SSH封包」.


As computer technology has advanced, remote services have progressed from Telnet to a diverse range, including file transfer, phone calls, screen recording, and even AR. Remote connection technology keeps getting more powerful. Here I introduce the characteristics of several remote access methods and some advanced techniques.

Telnet: The simplest method of remote access, using TCP 23. The server only needs to enable the Telnet service and the related configuration (such as IP address, firewall rule, and identity check).
For the server, Telnet is the most convenient to set up. However, in the Telnet era network connection technology was in its infancy, and we did not yet have a concept of cybersecurity. In 2020, Telnet is still in use.

SSH: It is a secure Telnet and uses TCP 22. In 2020, SSH is widely used. Most SSH use is through the CLI.

Windows RDP / VNC: Unless the Windows OS is old, it should include RDP by default. RDP and VNC share some features, such as support for GUI remote connections and the use of an IP-based parameter as the main connection method.

Application software: TeamViewer. It uses an ID-based parameter as the main connection method, which is different from RDP / VNC. For example, two hosts want to connect, but one host is on a NAT internal network, so it is not easy for the other host to access it remotely by IP address.

TeamViewer resolves that problem perfectly. After it starts, it automatically sends a registration request to the server. The client sends its own host information to the server, which may use some algorithm to derive an ID and assign it to your host. For most firewalls, outgoing traffic is generally treated as trusted, and incoming traffic as untrusted. Currently, I can think of only one small disadvantage of TeamViewer, and it is one that RDP / VNC resolve: a network that is fully isolated from the Internet. TeamViewer works over the Internet, while RDP / VNC work over an IP network only.

Application software: Cisco Webex Meetings. It uses a URL as the main connection method. It is similar to TeamViewer in that it works over the Internet. It was built for business use; later, Cisco released a free edition.
[image]
[image]
You need to open my URL to start remote access. Of course, the meeting must be started by me (the host) for the URL to be meaningful to the people joining.
This differs from TeamViewer, whose remote connection is screen-based; Cisco Webex Meetings is application-based.
So you can use Cisco Webex Meetings to select what to share, such as a PPT, a browser, or Outlook.
Finally, a small supplement about plaintext SSH packets. This is a normal packet:
[encrypted data]
This is a special packet:
[unencrypted data]
To understand the principle and see the lab, search YouTube for the keywords 「[Chin] 明文的SSH封包」.
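
A defender's check for the ciphertext-versus-plaintext SSH contrast above, as an added example that is not from the original post: it walks the unencrypted handshake packets of one direction of a captured SSH stream up to SSH_MSG_NEWKEYS and flags the bytes after it if they are mostly printable. The function names, the 0.8 threshold and the sample streams are constructed assumptions.

```python
NEWKEYS = 21  # SSH_MSG_NEWKEYS message number (RFC 4253)

def printable_ratio(data: bytes) -> float:
    """Fraction of bytes that are printable ASCII, tab, CR or LF."""
    if not data:
        return 0.0
    return sum(32 <= b < 127 or b in (9, 10, 13) for b in data) / len(data)

def audit_ssh_stream(stream: bytes, threshold: float = 0.8) -> str:
    """Heuristically classify the bytes that follow SSH_MSG_NEWKEYS."""
    banner, sep, rest = stream.partition(b"\r\n")
    if not sep or not banner.startswith(b"SSH-2.0-"):
        return "not-ssh"
    # Packets before NEWKEYS are unencrypted: uint32 packet_length,
    # byte padding_length, payload (first byte = message number), padding.
    while len(rest) >= 6:
        length = int.from_bytes(rest[:4], "big")
        msg_type = rest[5]
        rest = rest[4 + length:]
        if msg_type == NEWKEYS:
            break
    else:
        return "handshake-incomplete"
    if not rest:
        return "no-data-after-newkeys"
    if printable_ratio(rest) >= threshold:
        return "readable-after-newkeys"  # worth investigating
    return "looks-encrypted"

def packet(msg_type: int, body: bytes = b"") -> bytes:
    """Build an unencrypted SSH binary packet for the constructed samples."""
    payload = bytes([msg_type]) + body
    pad = 8 - (5 + len(payload)) % 8
    if pad < 4:
        pad += 8
    return (1 + len(payload) + pad).to_bytes(4, "big") + bytes([pad]) + payload + bytes(pad)

# Constructed sample streams, not real captures.
HANDSHAKE = (b"SSH-2.0-ExampleServer\r\n"
             + packet(20, bytes(16) + b"curve25519-sha256")  # simplified KEXINIT
             + packet(NEWKEYS))
ENCRYPTED = HANDSHAKE + bytes((i * 167 + 13) % 256 for i in range(256))  # ciphertext stand-in
READABLE = HANDSHAKE + b"user@host:~$ hostname\r\nexample-host\r\n"

if __name__ == "__main__":
    for name, s in [("encrypted", ENCRYPTED), ("readable", READABLE)]:
        print(name, "->", audit_ssh_stream(s))
```

The printable ratio is a coarse signal: binary or compressed data sent without encryption would also score low, so "looks-encrypted" means only that nothing readable was seen.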


    Posted by Chin on PIXNET (痞客邦)