Re: SSH tunneling/port forwarding and stateful packet inspection

From: steve (steph19731_at_yahoo.com)
Date: 02/25/04


Date: 24 Feb 2004 19:07:38 -0800

Richard E. Silverman <res@qoxp.net> wrote in message news:<m2ptc4uvck.fsf@darwin.oankali.net>...
> This is too vague. State the actual problem you are encountering, with
> precise configuration, products involved, and symptoms you are observing.

It's not a problem per se but I am curious. I don't think actual
products involved are an issue. Let's just speak generally when talking
about common firewalls.

However, I think I may have answered my own question already when I
was thinking about this earlier today.

The scenario is this - point A - a machine running an ssh client that
is tunneling via port 443 to point B - a server running an ssh server
on port 443. Point A - the client is using the tunnel to port forward
terminal service traffic. My question was, why doesn't the firewall
pick this up in SPI because it is not really ssl traffic? However, in
doing a packet trace, I saw that the header of the packet really is
ssl traffic, but the actual port 3389 (term server) traffic is a)
encrypted and b) encapsulated. So as far as the SPI functionality of
the firewall is concerned, it is SSL traffic.

Does this sound feasible?
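
A check a firewall or IDS can apply to the first payload of a port 443 flow, given here as an added example that is not part of the original post: an SSH endpoint opens with a plaintext identification string (RFC 4253, section 4.2), while SSL/TLS opens with a handshake record. The function names and the sample byte strings are constructed for illustration.

```python
import re

# SSH identification string: "SSH-<protoversion>-<softwareversion>" (RFC 4253, 4.2)
SSH_BANNER = re.compile(rb"^SSH-\d+\.\d+-")

def classify_first_payload(payload: bytes) -> str:
    """Label the first application payload seen on a TCP flow."""
    if SSH_BANNER.match(payload):
        return "ssh"
    # SSLv3/TLS record header: content type 0x16 (handshake), major version 3,
    # two length bytes, then handshake type 1 (ClientHello) or 2 (ServerHello).
    if (len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03
            and payload[2] <= 0x04 and payload[5] in (0x01, 0x02)):
        return "tls"
    # SSLv2-format ClientHello: high bit set in the 2-byte length, message type 1.
    if len(payload) >= 3 and payload[0] & 0x80 and payload[2] == 0x01:
        return "sslv2-hello"
    return "unknown"

def flag_port_mismatch(dst_port: int, payload: bytes):
    """Return (alert, protocol); alert is True when port 443 carries non-SSL."""
    proto = classify_first_payload(payload)
    alert = dst_port == 443 and proto not in ("tls", "sslv2-hello")
    return alert, proto

# Constructed sample payloads (not captured from any real host).
SAMPLE_SSH = b"SSH-2.0-OpenSSH_3.7.1p2\r\n"
SAMPLE_TLS = bytes.fromhex("160301002f0100002b0301")

if __name__ == "__main__":
    for name, data in (("ssh banner", SAMPLE_SSH), ("tls hello", SAMPLE_TLS)):
        print(name, flag_port_mismatch(443, data))
```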


