Firewall Wizards mailing list archives
Re: Summary: SSH through firewall
From: "Jan B. Koum " <jkb () best com>
Date: Wed, 28 Jul 1999 00:54:20 -0700
On Mon, Jul 26, 1999 at 10:23:40AM +0200, "Ginsberg Rainer (QI/INF4) *" <Rainer.Ginsberg () de bosch com> wrote:
Some time ago I asked you wizards about the security of ssh from a trusted network to a untrusted network through a firewall. Thanks to all who responded. This is my summary: 1) Most security threats come from insiders. 2) The -R option allows insiders to forward all kind of traffic from the untrusted network to the trusted network. 3) There is no ssh proxy for application gateways that is able to disallow the -R option of ssh. Therefore, I will not allow ssh through "my" firewall.
Uhm.. Hi Ginsberg. Just how do you intend on doing that? What if there is sshd running on port 80. Ohh, you mean you only allow socks application? Gee -- I go build ssh using --with-socks option then ;) If you allow http/https/telnet/etc through your firewall, you should allow ssh. Just MHO. -- Yan
Current thread:
- Summary: SSH through firewall Ginsberg Rainer (QI/INF4) * (Jul 26)
- Re: Summary: SSH through firewall Ge' Weijers (Jul 27)
- Re: Summary: SSH through firewall Jan B. Koum (Jul 29)