Firewall Wizards mailing list archives
Re: Bypassing firewall
From: "Aaron D. Turner" <aturner () vicinity com>
Date: Tue, 25 Jan 2000 11:01:51 -0800 (PST)
Pretty easy. On a remote linux box (doesn't have to be Linux, can be any *nix) he runs sshd on a port allowed out from your network. Port 110 most likely, since he probably doesn't have a pop server on this system. then he runs: ssh -p 110 -L 8000:remoteserver:remoteport otherlinuxbox where remoteserver is the server you want to connect to and remoteport is the port on that server. Then you connect to localhost:8000 on your work machine and viloa- instant port forwarding. You can have multiple -L flags if you want, but it only works for TCP. There are more generic VPN solutions which are more flexible that would work as well. Vtund comes to mind. Look on freshmeat.net for it. -- Aaron Turner aturner () vicinity com 650.237.0300 x252 Security Engineer Vicinity Corp. Cell: 408-314-9874 Pager: 650-317-1821 http://www.vicinity.com On Sun, 23 Jan 2000, Mailing Lists wrote:
Hi! Back where I work, we are using a firewall the blocks everything coming in, and gives internal users permission to use the www, ftp, pop and mail ports. (no icq, no aol, no nothing else). But I overheard one of my users bragging that it bypassed the firewall using two linux machines doing port redirection. I did a little research on this and the most plausible way I found is that he is running a linux inside the firewall which grabs everyhing on a certain port (let's say the icq server port), then forward it through port 80 to another linux box outside the firewall which make the actual call to the icq server on the right port. Is that possible? Is there any other alternatives he can be using? btw, I don't know what the firewall used is, I'm the sysadm for my division, but we are using the corporate firewall. Thanks!
Current thread:
- Bypassing firewall Mailing Lists (Jan 24)
- Re: [firewall-wizards] Bypassing firewall Magosanyi Arpad (Jan 25)
- Re: Bypassing firewall daN. (Jan 26)
- Re: Bypassing firewall Cliff Rayman (Jan 27)
- Re: Bypassing firewall Aaron D. Turner (Jan 27)
- Re: Bypassing firewall Bennett Todd (Jan 28)
- <Possible follow-ups>
- RE: Bypassing firewall jussi . jaakonaho (Jan 25)
- Re: Bypassing firewall Robert Graham (Jan 25)
- Re: Bypassing firewall Saravana Ram (Jan 28)
- RE: Bypassing firewall Riley, Steven (Jan 26)
- RE: Bypassing firewall Kaptain (Jan 28)
- RE: Bypassing firewall Robert Purdy (Jan 31)
- RE: Bypassing firewall Kaptain (Jan 28)
- Re:Bypassing firewall TDyson (Jan 28)
- Re: Bypassing firewall Steven M. Bellovin (Jan 31)