Comments (10)
On server startup the user could specify a pre-shared key or password and we have the client send the password as the first message to the server. Everything is plain text, so it could be sniffed, but not anyone could use the server anymore just by knowing the server IP + port.
from icmptunnel.
agreed
from icmptunnel.
+1 for pre-shared key/password. I'm also planning to add encryption, that is, when I get some time for this.
from icmptunnel.
In that case it probably makes more sense to use TLS with a client certificate. That'll provide encryption and authentication that can't be sniffed since it uses a DH handshake.
Have there been any problems with reliability? The handshake could be difficult to complete over ICMP since it's unreliable like UDP.
Also, is a session defined by a client IP?
from icmptunnel.
rather than going for an overkill solution like TLS (which will be hard to implement with icmp packet size!) i'd rather go for something based on djb's tweetnacl crypto primitives, which fit in a single, small .c file.
( https://tweetnacl.cr.yp.to/ )
from icmptunnel.
@Gandalf- If the client and server are accessible within the same LAN network, the connection can be assumed to be reliable. Cannot say much for connections over the internet. And yes TLS with client certificate might be too much for icmptunnel.
from icmptunnel.
I hadn't heard about tweetnacl; it does look like a good option. Is there already a fork or branch working on this?
from icmptunnel.
So @DhavalKapil have you have a change to add some form of authentication?
from icmptunnel.
@greg5678 Not yet
from icmptunnel.
@rofl0r
if you need a solution with authentication and encryption ,you can try my repo:
https://github.com/wangyu-/udp2raw-tunnel
https://github.com/wangyu-/udp2raw-tunnel#tunneling-any-traffic-via-raw-traffic-by-using-udp2raw-openvpn
from icmptunnel.
Related Issues (20)
- Unable to write to tunnel HOT 2
- Payload size is small. HOT 2
- Tag a release? HOT 1
- [Question] Is the usecase of this software different from `sshuttle` ? HOT 1
- compiling on Cygwin HOT 3
- Encrypt traffic? HOT 1
- i got error
- Client dont have internet HOT 6
- removed HOT 1
- deleted HOT 3
- cant bind tun0 address to create a socks proxy HOT 2
- feature to add client for linphone
- compile error on termux (rooted) HOT 1
- Make Problem HOT 1
- Traffic IP
- Demo
- Can't connect server ip
- error while running tunnel on client
- work On centos 7
- does it support icmpv6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from icmptunnel.