Security Basics mailing list archives
Re: ssh tunneling to bypass web proxy rules
From: Gonzalo Martinez <karmax () gmail com>
Date: Tue, 23 Aug 2005 00:14:28 +0000
Hi Juan This is a common "backdoor", the attacker installed some proxy inside the network, then redirects ssh port to the port he want to use with the proxy, so now he is accesing like he was INSIDE the network. To avoid this you must review your fw rules, be MORE STRICT on outbound traffic, and do a full review of your rules. Good luck PS: you can search at google for some papers about this "backdoor" (you will find a lot) -- Gonzalo Martinez Jabber: KarMax () jabber org On 8/21/05, Juan B <juanbabi () yahoo com> wrote:
Hi, Someone told me one can pass web proxy restrictions by tunnling throw ssh to restricted web sites like web mail sites in our corporate network.I really whant to know how he is doing that but I dont know where and how to test it, and he of course doesnt tell. I need to close this hole in the network. can someone give me a hand please. Juan.
Current thread:
- ssh tunneling to bypass web proxy rules Juan B (Aug 22)
- Re: ssh tunneling to bypass web proxy rules Alexander Klimov (Aug 23)
- Re: ssh tunneling to bypass web proxy rules Par Leijonhufvud (Aug 24)
- Re: ssh tunneling to bypass web proxy rules Saqib Ali (Aug 23)
- Re: ssh tunneling to bypass web proxy rules Gonzalo Martinez (Aug 23)
- Re: ssh tunneling to bypass web proxy rules Sagiko (Aug 23)
- Re: ssh tunneling to bypass web proxy rules James Leighe (Aug 23)
- Re: ssh tunneling to bypass web proxy rules William Hile (Aug 23)
- Re: ssh tunneling to bypass web proxy rules Oliver Leitner (Aug 24)
- Re: ssh tunneling to bypass web proxy rules Times Enemy (Aug 24)
- Re: ssh tunneling to bypass web proxy rules Barrie Dempster (Aug 24)
- <Possible follow-ups>
- RE: ssh tunneling to bypass web proxy rules Kirk Brady (Aug 23)
- RE: ssh tunneling to bypass web proxy rules Conlan Adams (Aug 23)
- Re: ssh tunneling to bypass web proxy rules Alexander Klimov (Aug 23)