Security Basics mailing list archives
RE: ssh tunneling to bypass web proxy rules
From: "Conlan Adams" <conlan () midwesteyebanks org>
Date: Tue, 23 Aug 2005 11:37:46 -0400
Here is a quick and dirty write up showing what he is doing. http://lukeolbrish.com/tiki-print_article.php?articleId=1 Long story short, you can use a SSH server as a socks proxy for whatever you want through your SSH tunnel. Easiest ways to stop him... 1. Fire him 2. Find out where he is connecting, and ban the IP (if the server is dhcp like a home computer and cable modem, this wont work well) 3. Using group policy to forbid proxy changes via Internet Explorer, and the associated registry keys (this can be circumvented by using another browser) 4. Block all internet access to him at the firewall, allowing only certain services via proxy (Web only really, would work well, but requires more work on your part) 5. Fire him Don't bother blocking port 22 though, as he can just use another port. The best solution to this is to treat it administratively, get him in trouble, ideally fired. He's circumventing network security and most technical means that you have to stop him can be circumvented by a person who knows what he's doing, restrict more than most admins want to, or require prohibitive amounts of work. Conlan -----Original Message----- From: Juan B [mailto:juanbabi () yahoo com] Sent: Sunday, August 21, 2005 9:04 AM To: security basics Subject: ssh tunneling to bypass web proxy rules Hi, Someone told me one can pass web proxy restrictions by tunnling throw ssh to restricted web sites like web mail sites in our corporate network.I really whant to know how he is doing that but I dont know where and how to test it, and he of course doesnt tell. I need to close this hole in the network. can someone give me a hand please. Juan. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Current thread:
- Re: ssh tunneling to bypass web proxy rules, (continued)
- Re: ssh tunneling to bypass web proxy rules Par Leijonhufvud (Aug 24)
- Re: ssh tunneling to bypass web proxy rules Saqib Ali (Aug 23)
- Re: ssh tunneling to bypass web proxy rules Gonzalo Martinez (Aug 23)
- Re: ssh tunneling to bypass web proxy rules Sagiko (Aug 23)
- Re: ssh tunneling to bypass web proxy rules James Leighe (Aug 23)
- Re: ssh tunneling to bypass web proxy rules William Hile (Aug 23)
- Re: ssh tunneling to bypass web proxy rules Oliver Leitner (Aug 24)
- Re: ssh tunneling to bypass web proxy rules Times Enemy (Aug 24)
- Re: ssh tunneling to bypass web proxy rules Barrie Dempster (Aug 24)
- RE: ssh tunneling to bypass web proxy rules Kirk Brady (Aug 23)
- RE: ssh tunneling to bypass web proxy rules Conlan Adams (Aug 23)