Accessing PC on Uni network, Looking for inbound connections, not out. Options

[Lord C]

Okay here's a bit of a challenge.

I know a lot of people are always interested in getting access to the outside world, from a Uni/College network. I'm looking for the exact opposite.

I have a box on a University network, but you know how their firewalls are... I'm trying to think how I can access that desktop from outside the network.

Atm I'm thinking have reverse vnc running on my desktop at home, listening for a connection, then http tunnel out from Uni.

Obviously I can only be in one place at a time, so I'd like to have a couple of ideas up my sleeves before I go in on Friday.

[DingleBerries]

SSH end of story....

[Lord C]

Can't ssh in.

I'm going to try a tunnel, and maybe get VNC or SSH access that way. But it's not really the program/service (ssh/vnc/whatever) that I'm looking for, it's a way of breaking through the NAT.

Any ideas?

[Lazyshot]

I would love to have a handle on some idea of how to maybe get a reverse connection into the network.
Has me thinking about the network I'm on again. Time to investigate. :-P

[Joerg]

If you can't get by the firewall from the outside, you have to go from the inside (read: outbound reverse ssh tunnel)

[Zack Fasel]

Joerg is right. There's 3 ways off the top of my head to initiate this from the outside:

1) Corporate Service
Services like GoToMyPC and LogMeIn (has a free version) were designed to handle this. But with this, comes monthly fees and it's not a full connection, just an RDP simulant.

2) Hamachi
Create your own hamachi network, and you'll be able to connect to it as if it's on the LAN (works excellent when you also want to host LAN parties and not worry about port forwarding / a dedicated server). Probably the easiest, and free, but you'll need to install hamachi, so if you're using public terminals that you don't have admin rights on, you're SOL.

3) Make your own ReverseSSH/VNC Connection
Two ways i can think of doing this:
a ) Having a dedicated/virtual private server to forward this to (pricey, but you can do so much more with the VPS and you'll have a public IP presence) - You could always find a friend and bum a port and some bandwidth off of him.
b ) Hack it - Setup a Cronjob or Scheduled Task to phone home to a website constantly, pull a file that gives an IP and port, and reverse tunnel to that IP/Port. Make sure you check the public keys if you do attempt to do this to prevent any kind of hijacking attempt, and this won't get you arround a firewall if you're behind one on your side.

My personal recommendation is do number two if you're trying to do it quick, easy, free, and 3a if you're looking to have some fun and have the most felxibility - just watch your bandwidth usage over that link.

[Lord C]

Thanks people. I'll give Hamachi a try, but I have my doubts about it connecting.

If it doesn't I'll have to go with a reverse conn.

[ax0n]

Thanks people. I'll give Hamachi a try, but I have my doubts about it connecting.

If it doesn't I'll have to go with a reverse conn.

Here's a write-up I did in response to this thread. It was blog-post worthy and a bit lengthy for a forum reply.

[Lord C]

Nice write-up Ax0n, thanks.

[ax0n]

Nice write-up Ax0n, thanks.

No problem. I've been meaning to put something like that together for a while. You just prodded me into thinking of ways to trigger the reverse connection -- which is where I kind of got hung up when I was putting together the "quick and dirty tunneling" article. I was in a hurry when I wrote that one in February. Plus, I needed something to pass time. In another terminal, I was compiling Firefox 3 from source in NetBSD on a 110MHz SparcStation 20. An arduous process, rest assured.