Re: SSH & typical corporate network use policies?

From: Frank (nospam_at_rogers.com)
Date: 05/29/03


Date: Thu, 29 May 2003 14:38:41 GMT

You can have your home ssh server listen at 443/TCP. 443/TCP, used by HTTPS,
is open in every company. The HTTPS data are encrypted. It is very
difficult for most firewalls and administrators to distinguish what
you are doing.

But if your new big company uses the ITShield firewall
(http://www.itshield.com), you will not be happy, because the ITShield firewall
checks whether the data of a session are well-formatted according to
the corresponding protocol. It can even check whether the data of an HTTPS
session follow the protocols of SSL and HTTP.

Good luck

Ida

"Mike" <nospam@notherematey.com> wrote in message
news:bb526u$fs5$1@thorium.cix.co.uk...
>
> "Bob Moriarty" <Bob@NJ-Networks.com> wrote in message
> news:Oq2dnWySdqiWmEujXTWcpg@comcast.com...
> > In large (read paranoid) organizations, it is not uncommon to find very
> > little 'net access. Most likely, you'll be limited to web browsing and
> > email. Telnet, SSH, FTP, and external NNTP are usually prohibited. And
> > you'll raise a lot of eyebrows if you ask for access. The best solution is
> > to use a dialup connection to an ISP. AND YOUR OWN LAPTOP! Anything that you
> > do with your employer's PC belongs to him, technically. They can and often
> > do monitor activity on the workstation. There are a lot of undereducated,
> > paranoid security guys out there who have nothing else to do but try to
> > catch you doing something. If you can't get an analog dial line, use a
> > Linestein or Targus digital phone line adapter. They can be a little clumsy
> > but they do the job.
>
> There are far more well educated guys who run secure networks that don't get
> infected with virii and other crap from idiots trying to bypass the
> security. They also don't suffer from workstation crashes because (for
> example) some dork downloads a 100Mb jpeg of their first born and puts it up
> as a desktop wallpaper etc.
>
> Business computer resources exist to allow the business and its employees to
> function. Not for people to find ways to while away their working hours
> doing non-profitable tasks.
>
> If you really want anonymity, then use a laptop & mobile phone setup. That
> way you will avoid telephone call logging and awkward questions from your
> boss about strange numbers being dialled from your extension. Ideally, don't
> try to buck the system. Talk to your boss and IT admin and explain the what
> and why. If they are reasonable they will probably allow you access. If you
> go behind their backs you will probably regret it.
>
>
>
>
>
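
The kind of protocol-conformance check described in the post above, as an added example that is not part of the original thread and is not ITShield's code: it inspects only the first client-to-server bytes of a session on 443/TCP and flags sessions that do not open with an SSL/TLS ClientHello. The function names and the sample sessions are constructed for illustration.

```python
import struct

TLS_HANDSHAKE = 22   # TLS record content type: handshake
CLIENT_HELLO = 1     # handshake message type: ClientHello
SSL2_VERSIONS = {(0, 2), (3, 0), (3, 1)}  # versions carried in SSLv2-style hellos

def classify_first_bytes(data: bytes) -> str:
    """Label the first client-to-server bytes of a session on 443/TCP."""
    if data.startswith(b"SSH-"):
        return "ssh"                      # SSH identification string (RFC 4253)
    if len(data) < 6:
        return "unknown"
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if (ctype == TLS_HANDSHAKE and major == 3 and minor <= 4
            and 0 < length <= 16384 and data[5] == CLIENT_HELLO):
        return "tls"                      # SSLv3/TLS record holding a ClientHello
    if (data[0] & 0x80 and data[2] == CLIENT_HELLO
            and (data[3], data[4]) in SSL2_VERSIONS):
        return "ssl2-hello"               # SSLv2-compatible ClientHello
    return "unknown"

def flag_sessions(sessions):
    """Return (source, label) for sessions that do not open with SSL/TLS."""
    flagged = []
    for src, first_bytes in sessions:
        label = classify_first_bytes(first_bytes)
        if label not in ("tls", "ssl2-hello"):
            flagged.append((src, label))
    return flagged

# Constructed sample: (source address, first bytes sent by the client).
SAMPLE = [
    ("10.0.0.11", bytes.fromhex("160301002f0100002b0301")),  # TLS 1.0 hello
    ("10.0.0.12", b"SSH-2.0-OpenSSH_3.6.1p2\r\n"),           # SSH banner
    ("10.0.0.13", bytes.fromhex("802e0100020015")),          # SSLv2-style hello
    ("10.0.0.14", b"GET / HTTP/1.1\r\n"),                    # plaintext HTTP
]

if __name__ == "__main__":
    for src, label in flag_sessions(SAMPLE):
        print(f"{src}: non-TLS traffic on 443/TCP ({label})")
```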


