From: sd_wireless@yahoo.com
Date: Mon Oct 07 2002 - 00:22:14 EDT
Computer 1: Laptop running WinXP and fpipe. fpipe is listening on 1433 and
forwarding to Computer 2 on 113.
Computer 2: This host is in a DMZ and only ports 80 and 113 are allowed
inbound. There are no restrictions in place on outbound traffic. It is
running Windows NT4 SP6a server, IIS and fpipe. fpipe is listening on 113
and forwarding to Computer 3 on port 1433.
Computer 3: This host is on the internal LAN. Only port 1433 is allowed in
from the DMZ and only to this host (and only from Computer 2). There are
no restrictions placed on traffic from the internal network to the DMZ or
to the Internet. This is a Windows 2000 host running SQL 2000 (as local
system). It is also running WinVNC.
Computer 4: My laptop running MS SQL Enterprise Manager and MS SQL Query
Analyzer. It is also running a netcat listener and the VNC client in
listening mode. It is on the external interface of the firewall. The only
host it can touch directly is Computer 2, and only on ports 80 and 113.
Here is what is going on...
I can sit at Computer 4, using fipe to route my traffic through Computer 1
and Computer 2, and get an active SQL session on Computer 3. That works
like a charm. I can use the xp_cmdshell stored procedure to my heart's
content.
I can sit at Computer 3 and type at the command line to export a VNC
server session to the listening VNC client on Computer 4. I can sit at
Computer 3 and execute a batch file from the command line to do the same.
I can do this whether the DOS window has been launched by an
administrative account or by local system (using the AT command and
the /interactive switch).
I cannot export the session if I use AT to schedule the WinVNC command.
The VNC sessions pile up in Task Manager on Computer 3, but they never
connect to Computer 4. I cannot use xp_cmdshell and the SQL service to
export the session, the same thing happens. I cannot export a VNC session
if I use netcat to send a DOS command shell from Computer 3 to Computer 4
and then key the VNC command in the shell exported to Computer 4.
Can someone please explain why I am having these problems getting WinVNC
to export the session while I am using SQL, the AT command, and a netcat
sent shell? More importantly, can someone please tell me how to get the
WinVNC session to export?
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:25 EDT