RE: ssh tunneling to bypass web proxy rules

["Kirk Brady" <Kirk.Brady () TeachersHealth com au>]

Hi Juan,

I believe that what he is doing is going through an allowed port (such a port 80) and setting up an ssh tunnel to an 
external proxy server set to listen on that port (he may admin the box - could be at his home). this box then proxies 
his requests to the external web pages and sends the results back through the ssh session - as far as your 
firewall/proxy knows, the traffic is allowed so it doesnt stop it.
possibly enabling authentication might stop this.

hth
kirk brady

-----Original Message-----
From: Juan B [mailto:juanbabi () yahoo com]
Sent: Sunday, 21 August 2005 11:04 PM
To: security basics
Subject: ssh tunneling to bypass web proxy rules


Hi,

Someone told me one can pass web proxy restrictions by
tunnling throw ssh to restricted web sites like web
mail sites in our corporate network.I really whant to
know how he is doing that but I dont know where and
how to test it, and he of course doesnt tell.

I need to close this hole in the network.

can someone give me a hand please.

Juan.

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com