9-11-2021 – 20 Years Later

There are going to be millions of stories that reflect back 20 years ago to the day that “America was attacked” and “Where we were”. This is one of those million stories, and coming across this story would be a 1 in a million chance.

I was almost 20 years old and waking up in a bed at 563 E. 2nd Street in Jamestown in an upstairs apartment. I had just had an amazing night with my 17-year-old girlfriend, woke up, moseyed my way out of the bedroom to sit on her 23-year-old brother’s couch and prepared for the morning.

My usual poison in the morning was Mountain Dew, Marlboro or a Newport, and “Wake Up” on Headline News. After grabbing my 2-liter and lighting up I turned on the television. The news was on fire, reporting on something hitting the World Trade Center. Fire was plentiful but reports were scarce.

At 8:46am American Airlines Flight 11 hit the World Trade Center between floors 93 and 99. The news was scrambling to make sense and stating it was some tragic small aircraft. The World Trade Center was on fire and that’s pretty much what news cameras were focused on.

At 9:03am I witness it on the news. Flight 175 hits the South Tower.

Where was I? Sitting on a couch, smoking a cigarette and drinking Mountain Dew, watching a skyscraper get hit by an airplane live on television.

That was my 9/11/2001.

And so I don’t forget a classic saying: There’s an old saying in Tennessee — I know it’s in Texas, probably in Tennessee — that says, fool me once, shame on — shame on you. Fool me — you can’t get fooled again.

Thanks to timeline.911memorial.org for helping me get my facts straight.

ssh port forwarding / ssh tunneling

I’ve always been curious enough about ssh port forwarding to experiment with it and learn enough to be deadly. I currently have two machines that I’d like to test this with, using both -L (local) and -R (remote).

I have a C7 host behind a router and a C8 host on the internet that I’ll be testing with.

Our setup is the following:

192.168.2.222:22 (c7 Host) <-> 192.168.2.1:* (router) <-> 159.203.99.198:22 (c8 host)

Local Forwarding

What I’m going to do is forward port 4444 on my c7 machine to connect to the c8 host on port 22 by launching the following on 192.168.2.222:

$ ssh -L 192.168.2.222:4444:159.203.99.198:22 localhost

At this point I can start an SSH session to 192.168.2.222 at port 4444. I’m prompted to log in at 159.203.99.198, and I’m good to go. As long as the command is running I maintain a connection.

To remove the login necessity I added ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys for passwordless local login.

Remote Forwarding

Remote forwarding allows world-accessible hosts to provide access to internal hosts. In our previous scenario we forwarded from an intranetwork host to a world host. Now we’re gonna use that intranetwork host and make it so that if we SSH to the world host at port 4444 we will be ssh-ing to our intranetwork host, bypassing the router.

On 192.168.2.222 I execute the following:

$ ssh -R 4444:localhost:22 159.203.99.198 -ldiffuser

On my world-accessible host I log in with “diffuser”, and the forwarding is set up.

On 159.203.99.198 I can ssh to localhost:4444 and connect as internaluser with ease:

$ ssh localhost -p 4444 -linternaluser

Because GatewayPorts defaults to no in /etc/ssh/sshd_config, the forwarded port 4444 on my world-accessible host listens on loopback only, so I cannot connect to it from my home computer. To allow that I would have to set GatewayPorts=yes and then restart the sshd service.
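
Where each forward listens decides who can reach it. The following is an added example, not code from the original post: a small Python model of how ssh(1) and sshd_config(5) choose the bind address for -L and -R, run against the two commands above. The names `split_spec` and `listener` and the `reach` labels are this example's own.

```python
import re

# ssh(1) forward spec: [bind_address:]port:host:hostport
_FIELD = re.compile(r"\[([^\]]*)\]|([^:\[\]]*)")
LOOPBACK = {"localhost", "127.0.0.1", "::1"}
WILDCARD = {"", "*", "0.0.0.0", "::"}

def split_spec(spec):
    """Split on ':' while keeping a [bracketed] IPv6 literal as one field."""
    fields, pos = [], 0
    while True:
        m = _FIELD.match(spec, pos)
        fields.append(m.group(1) if m.group(1) is not None else m.group(2))
        pos = m.end()
        if pos == len(spec):
            return fields
        if spec[pos] != ":":
            raise ValueError(f"malformed forward spec: {spec!r}")
        pos += 1

def listener(flag, spec, gateway_ports="no"):
    """Describe the listening socket created by `ssh <flag> <spec>`.
    gateway_ports: GatewayPorts on the listening side (ssh_config for -L,
    sshd_config for -R)."""
    fields = split_spec(spec)
    if flag not in ("-L", "-R") or len(fields) not in (3, 4):
        raise ValueError(f"unsupported forward: {flag} {spec!r}")
    requested = fields[0] if len(fields) == 4 else None
    port, host, hostport = fields[-3:]
    if flag == "-R" and gateway_ports == "no":
        bind = "localhost"        # sshd overrides any requested address
    elif flag == "-R" and gateway_ports == "yes":
        bind = "*"                # sshd forces the wildcard address
    elif requested is not None:
        bind = requested          # -L, or -R with GatewayPorts clientspecified
    else:
        bind = "*" if gateway_ports == "yes" else "localhost"
    reach = ("loopback only" if bind in LOOPBACK else
             "all interfaces" if bind in WILDCARD else "address " + bind)
    return {"side": "client" if flag == "-L" else "server", "bind": bind,
            "port": int(port), "target": (host, int(hostport)), "reach": reach}

if __name__ == "__main__":
    # The two forwards from the post, then the GatewayPorts=yes case it mentions.
    print(listener("-L", "192.168.2.222:4444:159.203.99.198:22"))
    print(listener("-R", "4444:localhost:22"))
    print(listener("-R", "4444:localhost:22", gateway_ports="yes"))
```

The -L command names 192.168.2.222 as its bind address, so that listener is reachable by other hosts on the 192.168.2.x network, while GatewayPorts=yes moves the -R listener from loopback to every interface of the internet-facing host.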