How to Secure SSH Port using Port Forwarding (Beginner Guide)

In this article I am going to perform how to use port forwarding in a system which is a process that redirects a communication request from a specific port to another port or host. It is basically allows an outside computer to connect to a computer in a private local area network. Some commonly done port forwarding includes forwarding port 22 for SSH access, and forwarding port 80 for web servers. The major advantage is that it provides security to your private network and secure communication.

Requirement: Kali Linux

Let start!!

Open terminal and type following command to install openssh-server in your system.

apt-get install open-server

After installing the application we need to start this service in our computer which will start SSH service for communication further we have to check the status of service is running or stop.

service ssh start

service ssh status

Yes, SSH service is active and you can see the proper running status with the time and date. 

As we know port 22 is use for ssh and here server listening on port 22.

If I want to check whether the port 22 open or close I will use nmap tool to scane the host using basic command.

SCAN YOUR HOST

 nmap 192.168.0.103

From the result of nmap scan I found port 22 open under service ssh .

Port 22 is badly affected by DDOS attack; if attacker found port 22 open for ssh they will start attacking on server. For security purpose administrator uses port forwarding techniques.

Let me show how to forward a specific port to another port.

PORT FORWARD TECHNIQUE

In kali linux open file sshd_config from computer>etc>ssh>ssd_config

Please look at line no.3 here protocol is listening for port 22 and now just replace 22 from1923 and save the file without changing path.

service ssh restart

So now protocol is listening on port 1923 in place of 22. Let me confirm this with nmap scan.

USE NMAP

nmap -p 1-65535 192.168.0.103

Now if anybody else will scan your ip he/she will have no idea that ssh service is running on port 1923 because from result it is showing 1923 is open under spice service.

Nmap basic scan is failed because we are not getting the proper result from this basic scan. If you are having a good knowledge of Nmap scan then use advances command.

nmap -p – -A  192.168.0.103

Aggressive scan is successful , this scan penetrate under port, protocol and service as you can see port 1923 is open for ssh service.

USE TELNET

Same result can be found under telnet when you connect the host with port no. 1923.

telnet 192.168.0.103 1923

so if you found any port open just try to connect with telnet and you will get result which service is running on that perticular port. Look at the image result is very clear that port 1923 is listening for ssh.

USE NETCAT

Same purpose using netcat you will able to found current service for which 1923 is open.

nc 192.168.0.103 1923

For Windows Users

First download openssh Tool From here and install in your pc

This entire task can be performed under windows system. check whether the port 22 open or close again use Nmap scan

nmap 192.168.0.103

From the result of Nmap scan I found port 22 open under service ssh.

open file sshd_config from my computer>local Disk(C:)>program files>OpenSSH>etc>ssd_config

Here protocol is listening for port 22 and now just replace 22 from3221 and save the file.

So now protocol is listening on port 3221 in place of 22.

Now open command prompt and type following command to restart the ssh service in your system.

C:\WINDOWS\SYSTEM32>net stop opensshd

C:\Users\RAJ>net start opensshd

Let me confirm this with Nmap scan.

nmap -A 192.168.0.103

It is clear from aggressive scan SSH is running on port 3221 instead of port 22. In this way we can breach port forwarding also.

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets. Contact here

Related Posts Plugin for WordPress, Blogger...

Leave a Reply