TCP Gender Changer

From Wikipedia, the free encyclopedia
Jump to: navigation, search

TCP Gender Changer refers to a method of making an internal TCP/IP based network server accessible beyond their protective firewall.

How it works[edit]

It consists of two nodes, one resides on the internal the local area network where it can access the desired server, and the other node runs outside of the local area network, where the client can access it. These nodes are respectively called CC (Connect-Connect) and LL (Listen-Listen).

The reason behind naming the nodes are the fact that Connect-Connect node initiates two connections one to the Listen-Listen node and one to the actual server. The Listen-Listen node, however, passively Listens on two TCP/IP ports, one to receive a connection from CC and the other one for an incoming connection from the client.

The CC node, which runs inside the network will establish a control connection to the LL, and waiting for LL's signal to open a connection to the internal server. Upon receiving a client connection LL will signal the CC node to connect the server, once done CC will let LL know of the result and if successful LL will keep the client connection and thus the client and server can communicate while CC and LL both relay the data back and forth.

Use cases[edit]

One of the cases where it can be very useful is to connect to a desktop machine behind a firewall running VNC, which would make the desktop remotely accessible over the network and beyond the firewall. Another useful scenario would be to create a VPN using PPP over SSH, or even simply using SSH to connect to an internal Unix based server.

Implementations[edit]

There has been many implementations of this method. Some of its implementations are found in the Reference and External Links sections.

See also[edit]

References[edit]

External links[edit]