Re: SSH thru HTTP? Sounds backwards.

From: Brian Hatch (security-discuss_at_ifokr.org)
Date: 10/13/03

    Date: Mon, 13 Oct 2003 11:44:20 -0700
    To: security-discuss@linuxsecurity.com
    
    
    

    > He asked me "is it possible for someone inside my organization to thwart
    > security by ssh tunneling thru my HTTP proxy server to a destination SSH
    > server listening on port 80". I don't know what http proxy he's running and
    > we didn't talk about SSL or 443 proxy - I'm assuming the same rules would
    > apply.

    Either using httptunnel, to make all outbound traffic look like
    real HTTP access (requires an httptunnel server on the remote end)
    which will go happily through even an application gateway, or by
    just running an SSH server on the remote end on port 80 (sshd -p 80)
    and connecting to it that way (ssh -p 80 remote host) s.t. it may
    be allowed outbound by straight packet filters, etc.

    See some pretty pictures at
    http://www.ifokr.org/bri/presentations/secureworld-2003/mgp00034.html

    --
    Brian Hatch                  "Do you understand
       Systems and                everything you say, sir?"
       Security Engineer         "Yes, if I listen
    http://www.ifokr.org/bri/     attentively."
    Every message PGP signed
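
An added detection example, not part of the original message: a payload check for the second case described above (a plain SSH server listening on port 80), which flags connections whose first bytes are an SSH identification string rather than an HTTP request. It does not catch httptunnel, whose traffic is real HTTP; the function names, flow tuple layout and sample flows are assumptions constructed for illustration.

```python
import re

# HTTP/1.x request line: METHOD SP request-target SP HTTP-version
HTTP_REQUEST = re.compile(rb"^[A-Z]{3,16} \S+ HTTP/\d\.\d\r?\n")
# SSH identification string (RFC 4253, section 4.2):
# SSH-protoversion-softwareversion [SP comments]
SSH_IDENT = re.compile(rb"^SSH-(\d+\.\d+)-([\x21-\x2c\x2e-\x7e]+)")


def classify_client_hello(payload: bytes) -> str:
    """Classify the first bytes a client sends on a connection to port 80."""
    if SSH_IDENT.match(payload):
        return "ssh"
    if HTTP_REQUEST.match(payload):
        return "http"
    return "unknown"


def find_ssh_banner(server_payload: bytes):
    """Return (protoversion, softwareversion) if one of the server's first
    lines is an SSH identification string, else None. RFC 4253 allows a
    server to send other lines before it, so every early line is checked."""
    for line in server_payload.split(b"\n")[:20]:
        m = SSH_IDENT.match(line.rstrip(b"\r"))
        if m:
            return m.group(1).decode(), m.group(2).decode()
    return None


def flag_flows(flows):
    """flows: (flow_id, dst_port, client_first_bytes, server_first_bytes)."""
    alerts = []
    for flow_id, port, client, server in flows:
        if port != 80:
            continue
        banner = find_ssh_banner(server)
        kind = classify_client_hello(client)
        if kind == "ssh" or banner:
            alerts.append((flow_id, "ssh-on-port-80", banner))
        elif kind == "unknown":
            alerts.append((flow_id, "non-http-on-port-80", None))
    return alerts


# Constructed sample flows (not captured traffic).
SAMPLE_FLOWS = [
    ("flow-1", 80, b"GET / HTTP/1.0\r\nHost: www.example.com\r\n\r\n", b"HTTP/1.0 200 OK\r\n\r\n"),
    ("flow-2", 80, b"SSH-2.0-OpenSSH_3.7.1p2\r\n", b"SSH-1.99-OpenSSH_3.7.1p2\r\n"),
    ("flow-3", 80, b"", b"Welcome\r\nSSH-2.0-ExampleServer_1.0\r\n"),
    ("flow-4", 22, b"SSH-2.0-OpenSSH_3.7.1p2\r\n", b"SSH-2.0-OpenSSH_3.7.1p2\r\n"),
]
```
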
    
    
