Free https tunnel software for linux

Port forward is a java application which gives you the ability to open tunnels between your local computer and a remote ssh server. With Port forward, tunnels can be created both local or remote.

Examples:

1. Open a local tunnel to reach a remote mysql database

- Your application needs to connect to a remote database server (mysql for example), but the database server (remote.server.example) is not configured to expose mysql to internet directly.
- Port forward will open a local port (3306) and redirect the connections to remote.server.example ssh server
- The remote.server.example ssh server will connect to its local mysql server

2. Open a local tunnel to use a remove VNC desktop

- You want to connect to your home computer which has a vnc server but from work, the firewall blocks vnc connections (generally on port 5901)
- If you have a ssh server at home, you could use it as bridge to connect to a client in your home:

Your position internet your linux ssh server ->>
-->> you client with vnc (192.168.0.40)

you office
internet >

3. Open a remote tunnel to pilot a remote linux server non reachable through internet
In this example, you will create a remote tunnel, this will give the remote man to connect to and reach you.

I used this example if I have to pilot a remote pc, but this pc has no static IP or is behind a firewall
The good solution is to activate port forward on the pc to be piloted and to connect it to a server we can access.


PC 1 (to be piloted) --||||-- firewall ----- internet ----- accessible-server

Installation:

Be sure java is in you classpath
tar zxvf portforward.tar.gz
cd portForward
sh run_linux.sh

PHPortal is a PHP application development environment similar to Zope. It is a pipeline or tunnel application that can help you quickly create dynamic Web applications such as portal and intranet sites. It comes with membership, search, news, and more.

Its easy-to-use tools allow teams to productively and safely work together. It provides access to databases and other legacy data. Its support for Web standards such as SMTP, POP, FTP, and XML-RPC allows you flexibility and interoperability.

It consists of a number of components which work together to provide a complete, yet flexible, application server package. It includes an XML-RPC server, an object-oriented database schema, a search engine, a database virtual file mapping system, a Web page templating system, a Web-based development and management tool, and comprehensive extension support.

unix2tcp is a small program to redirect all connections and traffic from a UNIX socket to a (remote) TCP/IP address.
Example of usage: I have started this project to be able to transparently move my "local" MySQL servers to whatever location I want.
Having a web-hosting server with lots of client scripts that all connect to "localhost" (ie /tmp/mysql.sock) for talking MySQL is a problem when you want to move the MySQL server on its dedicated machine.
This is how we did it: we run unix2tcp /tmp/mysql.sock remoteip remoteport so that unix2tcp will listen to /tmp/mysql.sock and tunnel any traffic to remoteip:remoteport .
There we would have run any "normal" portforwarder to forward from "remoteport" to 127.0.0.1:3306, thus beeing able to keep the grant tables in MySQL untouched (all connection would have seem to come from localhost).
I guess there can be other solutions to this problem too, but this way its the most flexible I have found yet. Another example ideea came from a user of this program. He wanted to remain anonymous so I will respect his wish.
He used unix2tcp to trick some X applications (binary release only) thinking that they are talking to the local X server but in fact they were talking to a remote X server were he forwarded the connections.
Main features:
- tunnels all traffic between a (remote) address/port and a local UNIX socket
- does NOT use fork() (single process model)
- does use O_NONBLOCK , should be no case of blocking

NTLM Authorization Proxy Server is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol.
Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method.
It can change arbitrary values in your clients request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.
Main features:
- supports NTLM authentication via parent proxy server (Error 407 Proxy Authentication Required);
- supports NTLM authentication at web servers (Error 401 Access Denied/Unauthorized);
- supports translation of NTLM scheme to standard "Basic" authentication scheme;
- supports the HTTPS CONNECT method for transparent tunnelling through parent proxy server;
- has ability to change arbitrary values in clients request headers;
- supports unlimited number of client connections;
- supports connections from external hosts;
- supports HTTP 1.1 persistent connections;
- stores users credentials in config file or requests password from a console during the start time;
- supports intelligent failure detection and failover between multiple upstream proxies;
Enhancements:
- This release fixes a minor bug with Python 1.5.2 compatibility.

Port forward is a java application which gives you the ability to open tunnels between your local computer and a remote ssh server.
Tunnels can be created both local or remote
Examples:
1. Open a local tunnel to reach a remote mysql database
Your application needs to connect to a remote database server (mysql for example), but the database server (remote.server.example) is not configured to expose mysql to internet directly.
Port forward will open a local port (3306) and redirect the connections to remote.server.example ssh server
The remote.server.example ssh server will connect to its local mysql server
2. Open a local tunnel to use a remove VNC desktop
You want to connect to your home computer which has a vnc server but from work, the firewall blocks vnc connections (generally on port 5901)
If you have a ssh server at home, you could use it as bridge to connect to a client in your home:
Your position internet your linux ssh server ->>
-->> you client with vnc (192.168.0.40)
you office internet >
You will be now able to connect using a vncclient giving 127.0.0.1:0 as address
3. Open a remote tunnel to pilot a remote linux server non reachable through internet
In this example, you will create a remote tunnel, this will give the remote man to connect to and reach you.
I used this example if I have to pilot a remote pc, but this pc has no static IP or is behind a firewall
The good solution is to activate port forward on the pc to be piloted and to connect it to a server we can access.
PC 1 (to be piloted) --||||-- firewall ----- internet ----- accessible-server
As you can see in this situation, if firewall does not use NAT, you have no way to reah PC 1
Enhancements:
- A button for selecting a command to execute upon connection with the server was added.
- A small problem with removing items was fixed.

Alexs Firewall ByPasser is another TCP tunnel for HTTP proxies.
Main features:
multi-thread design:
- It can handle a huge number of simultaneous connections without problems.
multiple proxies:
- It use a list of available proxies to make connections. So every connection can be done over a different proxy.
ability to check proxies list:
- It is able to check the proxies before real use. This feature can be used to clean and optimize the proxies list.
curses interface:
- It have a nice top like curses interface.
daemon mode:
- It is able to run in background & quiet mode.
Socks4 and Socks5 protocol support:
- Partial support for Socks4 and Socks5. Only CONNECT method (Socks4 & Socks5) and NO AUTHENTICATION (Socks5) is implemented at this time, but in most of the cases it is enough (future versions will implement complete support of both protocols).
Version restrictions:
Alexs Firewall ByPasser should work with every HTTP proxy, with the following exceptions:
- MS Proxies with NTLM authentication. NTLM is a proprietary authentication method from Microsoft, not a standard authentication method.
- HTTP/1.0 and HTTP/1.1 Proxies without the CONNECT method.

THC-UnixHackingTools is a compilation of needfull unix hacking tools including backdoors, cleaners, tunnels, etc written by THC members, that compile on various unix platforms.

They are not elite of course, otherwise we wouldnt release them, but they are very useful - so take a look and tryem out...

Collector v1.0 library to transfer data to other hosts (sniffer!)
Hunter v1.2 easy sniffer for Linux
ICMP-Tunnel v1.0 an icmp tunnel program for transfering files
Searcher v8.0 check admins $HOME for .rhosts/.forward etc.
Smeagol v4.4.4 nice backdoor with acct/logclean and hiding functions
clear v1.3 elite log cleaner (delete!) for utmp(x)/wtmp(x)/lastlog
cnt-svr-filetransfer small sources to transfer files on any unix system
daemonshell tcp and udp daemonshell in perl
fingerd-fileserver patch to fingerd (linux) to transfer files (cool!)
paz v1.0 process accounting zap, deletes accouting info
probe v2.3 script for remote host probing, really good.
t-shirt v4.0 our THC T-Shirt for 98, 1st released on the Cebit
zap3 enhanced zap to delete entrys. also for sys v systems

on most files, the small README inside does not tell much about its options. browse the sourcecode instead.

prtunnel is a program that can tunnel TCP/IP connections in a variety of ways, including through HTTP and SOCKS5 proxy servers. Some if its possible uses include:
- Tunneling TCP connections from client programs to a remote server through an HTTP or SOCKS5 proxy (useful if youre behind such a proxy and want to use a program that doesnt have native proxy support)
- Tunneling TCP connections from SOCKS-capable client programs through an HTTP or SOCKS5 proxy
- Tunneling TCP connections from an IPv4 client program to an IPv6 server and vice-versa
- Forwarding TCP connections
- Running as a simple SOCKS proxy server
prtunnel project was developed and used under Linux and BSD-based operating systems.
Enhancements:
- A bug that would cause malloc(0) to be called in some situations (which could cause problems on some systems) has been fixed.
- The server timeout, if specified, is now set before the proxy server successfully connects to the remote server, which will prevent the program from hanging if the proxy does not respond to the client.