How to Infiltrate Peanut Shell with Internal Network

Next, the construction of independent website is introduced through three steps: registering domain name, building intranet website service and publishing extranet.

Intranet penetration principle:

When information is transmitted from LAN to Internet, the source address will be converted from private address to public address. The router keeps track of the destination address and port of each connection.

When the data is returned to the router, the recorded connection tracking data is used to decide which host to forward to the intranet; If there are multiple public addresses available at this time, when the packet returns, the port number of the client can be used to decompose the packet.

Intranet penetration, that is, NAT (Network Address Translator) penetration, refers to the technology that computers use private IP addresses in the intranet (local area network) and use global IP addresses when connecting to the external network (Internet). This technology is widely used in private networks with multiple hosts, but it can only be accessed through public IP addresses.

For example: for example, I configured a server Server A in my lab. When I am in the lab, I can use SSH connection through my notebook, because I am in the local area network with the server.

When I go back to the dormitory, I can't connect directly with SSH because I'm not in a LAN with the server. At this time, NAT penetration is needed, so I can connect to server A with SSH in the dormitory.

Intranet penetration tool recommendation

There are many traditional tools on the market at present. Well-known open source tools include * **Ngrok, FRP, fcn, goProxy**, and other commercial tools such as peanut shells and commercial software developed based on Equal Ngok and FRP. Then, sort them out.

Ngrok series:

Ngrokngrok？ It is a kind of reverse proxy, which exposes the service of the internal network host to the external network by establishing a secure channel between the public endpoint and the local running Web server. Ngok can capture and analyze the traffic on all channels, which is convenient for later analysis and playback, so it can easily assist server program testing.

NatappNATAPP is a domestic high-speed intranet penetration service based on ngrok, in which the free version provides full tunnel penetration of HTTP, HTTPS and TCP, random domain name /TCP port, forced change of domain name/port from time to time, and customized local port.

Sunny-ngrokonny-ngok provides free intranet penetration service. The free server supports the binding of custom domain names and the management of intranet servers. The intranet WEB is used for demonstration, the external network accesses the local web, and the local development of WeChat and TCP port forwarding.

Xiaomi Ball Xiaomi Ball is specially designed for students to debug local web projects, which saves the deployment link. Provide free use to students in need. ?

Echositeechosite is also an intranet penetration tool developed by ngrok. It supports multiple protocols. It used to be free, but now it is charged. However, for ordinary use, it is 1 yuan/month, and you can choose according to your own needs.

hush

Used with automatic cleaning tool, because automatic cleaning has fault tolerance function.

Project Home Page: www.harding.motd.ca/autossh/

Project Description: Automatically restart SSH session and tunnel. SSH tool is a very powerful tool, which can not only connect remotely, but also establish tunnels and forwarding ports. With this feature, you can connect external network port requests to internal network ports.

The connection of SSH itself is not stable. With the help of the tool autossh, the tunnel can be established stably. Autossh will automatically maintain and maintain the connection due to failure or other network conditions.