$2\mathrm{.}4$ Task $4$: Evading Ingress Filtering

Machine A runs a web server behind a firewall; so only the machines in the internal network can access

this web server. You are working from home and needs to access this internal web server. You do not have

VPN$,$ but you have SSH$,$ which is considered as a poor man's VPN$.$ You do have an account on Machine A

$($or another internal machine behind the firewall$),$ but the firewall also blocks incoming SSH connection, so

you cannot SSH into any machine on the internal network. Otherwise, you can use the same technique from

Task $3$ to access the web server. The firewall, however, does not block outgoing SSH connection, i$.$e$.,$ if you

want to connect to an outside SSH server, you can still do that.

The objective of this task is to be able to access the web server on Machine A from outside. We will use

two machines to emulate the setup. Machine $A$ is the internal computer, running the protected web server;

Machine B is the outside machine at home. On Machine A$,$ we block Machine B from accessing its port $80$

$($web server$)$ and $22($SSH server$).$ You need to set up a reverse SSH tunnel on Machine A$,$ so once you get

home, you can still access the protected web server on A from home.