I want to use this as a proxy server to connect many different clients with servers. Here is what I'm looking to do:
The server software on a user's computer would connect to a proxy server that is running on a VPS. It would pass in some kind of Key or authentication info to identify itself and then would maintain a persistent TCP connection to the proxy server.
A client application running on a mobile device or other computer would connect to the proxy server and pass in some kind of Key or authentication info. The proxy server would match the connection between the client and server based on their authentication info, and then forward all data back and fourth between the connections.
The proxy server would need to be able to handle multiple clients and servers connecting to it at once and use the authentication info to pair them up. There could be multiple clients connecting to the same server at the same time too. The connection from the client and server would both be outbound so that they are not blocked by firewalls. I wrote the client and server software, so I can make them work with any specific proxy.
What is the name of this kind of proxy server? And can anyone recommend any?
Thanks!
Related
I've got two applications, a client and a rest server on two different servers.
The server is in the DMZ, and the client is on a hosted server.
My entreprise IT department wants to have only ontgoing connexions to the hosted server so that the firewall only sees outgoing connections.
They sugsets to have the following architecture :
hosted dmz
Client <---------------> Server
Proxy server Proxy client
1) Proxy server opens a tcp socket
2) Proxy client connects to this tcp socket permanently
3) http requests can be forwarded from client app to rest server app through the tcp connection
Do you know any software that implements such an active proxy mechanism ? (eg apache, nginx...)
Is it more secure that just opening port 80 for the web hosted machine ?
Do you know any software that implements such an active proxy mechanism ?
There are a variety of solutions: from netcat (nc) to socks5. I suggest you to start with netcat, since it is much easier to understand and configure.
Is it more secure that just opening port 80 for the web hosted machine ?
Yes, it is more secure that just forwarding port 80 to DMZ, since you are punching a hole in firewall just for the specific flow.
On the other hand, adding an access list on top of 80 port forwarding should make it even, but there might be other issues, like corporate politics, hardware limitations etc...
I have to make an app using C/PHP sockets on linux that sends data from one socket to other socket, like this.
I have server (server_hosted) hosted somewhere with an IP or domain name. It is running web application.
I have another server (unknown_server) running at my home (unknown IP).
Client send some information through web application hosted in server_hosted to another server running at my home (unknown IP).
I need a way to established a connection between server_hosted and unknown_server.
I was able to make connection between both using TCP socket. I made server_hosted as server listen to certain port says 8080 and unknown_server as client, which make open connection to server_hosted.
The problem comes when I have multiple unknown_server at my home. How can I made connection to same port? How many client can TCP/IP support?
Any ides how to make tunnel or connection between server_hosted and unknown_server.
Is possible to do with curl or socket any better ideas?
What is the difference between server and client? What difference does it make for some software installations?
For example, I've checked on how to download and install cvs and one of the user asked about server or client.
A server is a program, or machine, that waits for incoming requests.
A client is a program, or machine, that sends requests to servers.
Wikipedia: Server (computing), Client (computing)
For cvs; Are you setting up your own project, in which case you will need to set up the cvs server as well as a client to connect to said server. Or are you connecting to an existing project, in which case you need the client.
In simplest form, a server is a connection point for several clients, that will handle their requests.
A client is software that (usually) connects to the server to perform actions. The client provide a user interface that allows users to carry out actions. It forwards these requests to the server, which carries out the action and returns a response.
In CVS, the server is where the central data repository is held, and client is what you use to access the said repository.
Server: A computer on the network that shares resources for others to use is called a server computer.
Client: A computer on the network that accesses resources that are shared by computers is known as a client computer.
Server is machine that fullfill the request sent by clients.
Client is a machine that sends request to server
I am developing an iPhone application which is communicating with a remote service over a tcp socket connection (the service actually listens on telnet and takes telnet commands too). The connection is of course insecure and all requests (with quite a bit of sensitive data, such as passwords) and responses are transmitted as plain text. My first reaction was to consider a web service with ssl, but developing a web service from scratch seems too lengthy.
Because of that I have been thinking of using an ssh tunnel in order to secure the traffic. Is it possible to set up an ssh tunnel in an iPhone application (with libssh2 for example) and then use that tunnel to securely connect to the remote service? If so, how should I set up the tunnel and most importantly, how should I connect to the remote service and give commands/receive responses? Lastly, what should I keep in mind regarding the tunnel?
EDIT: I forgot to mention that the server running the service is using Windows. SSH is achieved via Cygwin.
I am sorry if the question is too basic but this is really my first real brush with ssh.
I think you may have more security issues by using an ssh tunnel because there isn't a secure way to tie down the authentication information in the app and well, if someone can get that login information they could conceivably connect to your ssh session and start trying to issue arbitrary commands. Of course there are ways to lock down an ssh session, but still, I'd be very wary of that. At least with a web service, it acts as a "broker" between the iPhone app and the telnet session so you can add an extra layer of protection.
We have a asp.net 3.5 web application running on a hosting company's web server that's got a very strict firewall setup. The web application communicates with our sql server express 2005 which is on a completely different network.
The problem is that the web applications sends our sql server a random port number to connect to when it connects to our sql server on port 1433. Hence the web application can not connect to our sql server because then they have to open a whole range off port numbers on the firewall which they are not prepared to do.
My question is the following. Can you specify either in your connection string or somewhere in your web.config the port the client sends to sql server to connect back to on?
Thanks
If I'm getting you right, you want to do something that goes against how TCP/IP port handling is supposed to work.
You want the web application to always use the same port when connecting to your SQL server? This would mean you can only have one connection open at any given time, and so only one user at any given time. The client is supposed to communicate with a server from a "random" port. It's the basics of networking. At least how I learned it.
I'm not sure you can even force it to use the same port every time, and even if you can I'd advice against it.
I'd say the problem is the firewall, and not your application. I can understand that the SQL server only wants to speak to the IP address that your site is on, but it shouldn't really care which port the client wants to talk over (something like [website-ip]:* -> [sql-ip]:1433). To me, it seems like who ever set up the firewall has some kind of crazy firewall ideas, but maybe that's just me.
Is it possible that your SQL Server Express is configured to listen on dynamic ports? If the 'TCP Dynamic Ports' value is 0, I think it will be dynamic even if you have a specific port configured. That value should be cleared completely.
You can specify port if you are using TCP/IP.
For ex:
Data Source=190.190.200.100,1433;Network Library=DBMSSOCN;Initial Catalog=myDataBase;User ID=myUsername;Password=myPassword;
where DBMSSOCN=TCP/IP