Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ssh tunneling to bypass web proxy rules

From: Oliver Leitner <Shadow333 () gmx at>
Date: Tue, 23 Aug 2005 23:11:44 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

i think the prolly best way would be to filter off the connection
strings, like some kind of content based filtering...

greetings
oliver

William Hile wrote:
| The only way to actually stop this would be to block outbound SSH
| completely. As long as this person has a shell account that accepts SSH
| he can tunnel basically anything through there. As far as telling you
| how that would depend on the SSH client side... there are several ways
| to do it... But to stop him just block outbound SSH.
|
|
|
| William Hile, CCSA, CCSE
|
| On Sun, 21 Aug 2005, Juan B wrote:
|
|> Hi,
|>
|> Someone told me one can pass web proxy restrictions by
|> tunnling throw ssh to restricted web sites like web
|> mail sites in our corporate network.I really whant to
|> know how he is doing that but I dont know where and
|> how to test it, and he of course doesnt tell.
|>
|> I need to close this hole in the network.
|>
|> can someone give me a hand please.
|>
|> Juan.
|>
|> __________________________________________________
|> Do You Yahoo!?
|> Tired of spam?  Yahoo! Mail has the best spam protection around
|> http://mail.yahoo.com
|>
|
|

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFDC5EQWvEVE8MtwbgRAyoGAKCS9mYhOu+8Yw6+n2HnrOVi3U0SnwCggraU
YP5+d+pMxpqO2iiPMWSgcJg=
=ItPl
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: