

Question

Say there are three players: A, B, C, where A is the local machine, B is the SSH server, and C is the final destination.

Through SSH local port forwarding, A can connect to C via B.

So the data will follow the path A--B--C in order for them to communicate with each other.

Let's say C was originally designed to only allow connections from B but restrict connections from A. Of course, this is the reason why A would use port forwarding to reach C.

In this case, is there a way for C to detect that even though its data is going to B, the end-user is actually A?

In other words, is there a way for C to detect port forwarding?

Based on my limited knowledge, since C is sending all the data to B after all, shouldn't it NOT be able to detect A?

Explanation / Answer

No, C will not be able to know that A is the original source of traffic. All packets will have B as their source IP address, and even the TTL of B. (Because only the contents of packets are copied, not their metadata.)

Of course, if you control B, you can detect the port forwarding, and block or tag it as you want, but you probably shouldn't allow untrusted users to do port forwarding on B, or shouldn't be treating B as a trusted host.
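The point made in the answer above, as an added example that is not part of the original answer: a plain TCP relay stands in for the SSH server on B, and the script shows that C's socket reports B's address while A's address is visible only to B. The three loopback addresses, the function names and the payload are constructed for the illustration, and the script assumes Linux, where all of 127.0.0.0/8 is local.

```python
import socket
import threading

# Constructed addresses: three loopback IPs stand in for hosts A, B and C.
# Assumes Linux, where all of 127.0.0.0/8 is routed to the loopback device.
A_IP, B_IP, C_IP = "127.0.0.2", "127.0.0.3", "127.0.0.4"

def _listen(ip):
    """Bind a TCP listener on an ephemeral port of the given address."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((ip, 0))
    s.listen(1)
    return s

def run_demo(payload=b"hello from A"):
    """Send payload A -> B -> C; return the addresses each hop observed."""
    seen = {}
    b_srv, c_srv = _listen(B_IP), _listen(C_IP)

    def host_c():
        # C records the peer address of the connection it accepts, which
        # is the only origin information the network gives it.
        conn, peer = c_srv.accept()
        with conn:
            seen["peer_seen_by_c"] = peer
            seen["data_at_c"] = conn.recv(1024)

    def host_b():
        # B (plain TCP relay standing in for the SSH server) accepts A's
        # connection, opens its own connection to C, and copies the bytes.
        inbound, a_addr = b_srv.accept()
        seen["peer_seen_by_b"] = a_addr
        with inbound, socket.create_connection(
                c_srv.getsockname(), source_address=(B_IP, 0)) as out:
            out.sendall(inbound.recv(1024))

    threads = [threading.Thread(target=f, daemon=True) for f in (host_c, host_b)]
    for t in threads:
        t.start()
    # A's address exists only on the A-to-B connection.
    with socket.create_connection(
            b_srv.getsockname(), source_address=(A_IP, 0)) as a:
        a.sendall(payload)
    for t in threads:
        t.join(timeout=5)
    b_srv.close()
    c_srv.close()
    return seen

if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Only `peer_seen_by_b` contains A's address, which is why any record of who originated a forwarded connection has to be collected on B.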