[PLUG] remote support tool for firewalled clients

Keith Lofstrom keithl at kl-ic.com
Tue Dec 2 16:39:45 UTC 2008


On Fri, Nov 28, 2008 at 12:56:05PM -0800, wes wrote:

> This all assumes you don't have access to the firewall. If you did, you
> could configure it to forward port 22 to the linux box, then use ssh port
> forwarding to connect to the machines inside from there.

I am currently playing with an ALIX Single Board Computer that will
become my firewall.   A box like this (or as simple as a Linux
reprogrammable router or access point) can be set up to drive an
outbound VPN from the client's LAN to your own site, bypassing the
client's firewall and the ISP's blocked ports.  All the client
would have to do is power the box and plug it into their network. 
The box would reach out to you and provide a tunnel to reach all the
machines on the client's LAN, without reprogramming their firewall.

If the box was two-port, it could sit in between the client's
network and the firewall, and watch traffic as well.  

The ALIX box with trimmings is about $180, and is perhaps overkill
for this task.  You can probably find new WRT54GL access points
for $50, and used ones cheaper.  There are a few dozen models of
wireless access point that can run OpenWRT Linux, and perhaps some
cheaper hardware without the radio (see the openwrt.org site).

I thought about making bootable USB thumb drives that would do this,
but those would depend too much on the hardware they are plugged into.

Keith

-- 
Keith Lofstrom          keithl at keithl.com         Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs


