Intranet penetration---frp

Definition

Intranet penetration is a method of exposing services in a local network or private network to the public network. It allows external network users to access services or devices on the local network through the Internet.

Typically, intranet penetration requires two main components: client and server.

Client:
1. The client is usually installed on a device to be exposed in the local network, such as a router or a personal computer.
2. The client encapsulates the local service request and sends it to the server.
3. The client is also responsible for establishing communication and maintaining a connection with the server.

Server side:
1. The server side is usually a public cloud server, which acts as an intermediary for forwarding requests.
2. The server receives the request from the client and forwards it to the target device.
3. The server side is also responsible for sending the response from the target device back to the client.

Common tools

The following are some common intranet penetration tools and services:
1. ngrok: An easy-to-use intranet penetration tool that provides public domain names and SSL certificates.
2. Peanut Shell: A commercial intranet penetration solution that provides stable connection and domain name services.
3. frp: An open source intranet penetration tool that supports multiple protocols and custom configurations.

Note that intranet penetration involves exposing the local network to the public network, so security is an important consideration. Make sure that appropriate security measures are configured and used, such as using strong passwords, restricting access rights, and using secure communication protocols.

frp

frp (Fast Reverse Proxy) is a high-performance reverse proxy application that can be used for intranet penetration. It supports the TCP and UDP protocols, provides additional capabilities for the HTTP and HTTPS application protocols, and tentatively supports point-to-point penetration. It is used to expose services in a local or private network to the public network, using reverse proxy technology to allow external network users to access services or devices on the local network through the Internet.

Put simply, through a server with a public network IP you can connect, anytime and anywhere, to any port of any machine running the frpc program.

Working principle

frp works as follows:

  1. Deploy an frp server on the public network, which is a public cloud server or a host with a public IP.
  2. Deploy an frp client in your local network on the device where the service to be exposed resides.
  3. The client establishes a connection with the server, and registers the information of the service to be exposed with the server.
  4. The client is responsible for forwarding the request of the local service to the server, and the server forwards the request to the service on the corresponding target device.
  5. A service on the target device processes the request and sends a response back to the server, which then forwards it to the client.

Advantages

  1. Ease of use: frp provides a concise configuration and management interface, making deployment and management easy.
  2. Multiple protocol support: frp supports the forwarding of various protocols such as TCP, UDP and HTTP protocols.
  3. Port forwarding function: multiple ports in the local network can be mapped to different public ports.
  4. Custom domain names and subdomain names: frp supports using custom domain names or subdomain names to access exposed services.

1. RDP - Linux

  1. Modify the frps.ini file. For security reasons, it is best to configure authentication here. If the token parameter in the [common] section is the same on the server and the client, authentication passes:

    # frps.ini
    [common]
    bind_port = 7000
    # Used for identity verification, please modify it by yourself, and ensure that the server and client are consistent
    token = abcdefgh

  2. Start frps:

    ./frps -c ./frps.ini

  3. Modify the frpc.ini file, assuming that the public IP of the server where frps is located is x.x.x.x:

    # frpc.ini
    [common]
    server_addr = x.x.x.x
    server_port = 7000
    # Used for identity verification, please modify it by yourself, and ensure that the server and client are consistent
    token = abcdefgh
    
    [rdp]
    type = tcp
    local_ip = 127.0.0.1
    local_port = 3389
    remote_port = 6000

  4. Start frpc:

    ./frpc -c ./frpc.ini

  5. Access the remote machine through RDP at the address:

    x.x.x.x:6000

 You can access the Web service on the intranet machine.
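A check for the two risks in the configuration above, a short shared token and RDP published directly on a public port, written as an added example that is not part of the original post or of frp. The length threshold, the sample-token list and the set of administrative ports are assumptions of this example; `allow_ports`, `stcp` and `sk` are options of frp's legacy INI format.

```python
import configparser

# Policy values below are assumptions of this example, not frp defaults.
MIN_TOKEN_LEN = 16
SAMPLE_TOKENS = {"abcdefgh", "12345678"}
ADMIN_PORTS = {22: "SSH", 3389: "RDP", 5900: "VNC"}

def audit(ini_text, role):
    """List findings for a legacy-INI frps ("server") or frpc ("client") config."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(ini_text)
    common = cfg["common"] if cfg.has_section("common") else {}
    findings = []
    token = common.get("token", "")
    if not token:
        findings.append("common: no token, any frpc can register proxies")
    elif token in SAMPLE_TOKENS or len(token) < MIN_TOKEN_LEN:
        findings.append("common: token is a sample value or too short")
    if role == "server" and "allow_ports" not in common:
        findings.append("common: allow_ports unset, clients may bind any remote port")
    for name in cfg.sections():
        sec = cfg[name]
        port = sec.getint("local_port", fallback=0)
        if name != "common" and sec.get("type", "tcp") == "tcp" and port in ADMIN_PORTS:
            findings.append("%s: %s published on public port %s; consider stcp with sk"
                            % (name, ADMIN_PORTS[port], sec.get("remote_port", "?")))
    return findings

# Constructed inputs mirroring the tutorial's two files.
TUTORIAL_FRPS = "[common]\nbind_port = 7000\ntoken = abcdefgh\n"
TUTORIAL_FRPC = """[common]
server_addr = x.x.x.x
server_port = 7000
token = abcdefgh

[rdp]
type = tcp
local_ip = 127.0.0.1
local_port = 3389
remote_port = 6000
"""

if __name__ == "__main__":
    for role, text in (("server", TUTORIAL_FRPS), ("client", TUTORIAL_FRPC)):
        for finding in audit(text, role):
            print(role + ": " + finding)
```

An `stcp` proxy has no `remote_port`: it is reached only through a second frpc running a visitor section with the same `sk`, so the RDP listener is not open to every host that can reach the frps server.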

Origin blog.csdn.net/qq_56698744/article/details/131616210