Firewall Wizards mailing list archives

Re: SSH question

From: "-= ArkanoiD =-" <ark () mpak convey ru>
Date: Mon, 13 Apr 98 00:54:16 +0300

nuqneH,

=> From: Adam Shostack <adam () homeport org>
=> Message-Id: <199804071306.JAA28023 () homeport org>
=> Subject: Re: SSH question
=> To: tobor () ns CompuNetServices com
=> Date: Tue, 7 Apr 1998 09:06:27 -0400 (EDT)

[dd]

=> Note that if you allow inbound ssh, to a workstation, they can use
=> that to proxy just about anything, but if you allow inbound access to
=> any machine where someone who you don't trust has root, they can be a
=> proxy.

Hmm, i translate incoming ssh to telnet on internal network and everything
other than terminal connection itself is disabled. Even X (although i did
not solve X over ssh proxying problem the proper way)

--- 
                                       _     _  _  _  _      _  _
   Must be a visit from the dead..     _| o |_ | | _|| |   / _||_|   |_ |_ |_
   CU in Hell ..........  Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|

Current thread:

SSH question Roy Stevens (Apr 06)
- Re: SSH question Adam Shostack (Apr 08)
  - Re: SSH question Kevin Steves (Apr 11)
    - Re: SSH question Michael Lerperger (Apr 11)
    - Re: SSH question -= ArkanoiD =- (Apr 13)
    - Re: SSH question Michael Lerperger (Apr 13)
    - Re: SSH question -= ArkanoiD =- (Apr 14)
  - Re: SSH question -= ArkanoiD =- (Apr 13)
    - Re: SSH question Michael Lerperger (Apr 13)
    - Re: SSH question -= ArkanoiD =- (Apr 14)
- Re: SSH question Joseph M McKenna (Apr 08)
- Re: SSH question -= ArkanoiD =- (Apr 08)