Full Disclosure mailing list archives

Re: SSH vs. TLS

From: Gerhard den Hollander <gerhard () fugro-jason com>
Date: Tue, 29 Jun 2004 21:29:23 +0200

* Ng, Kenneth (US) <kenng () kpmg com> (Tue, Jun 29, 2004 at 12:30:12PM -0500)

Today this is a straw man arguement.  You can tunnel practically anything
over any protocol.  I've seen NFS tunneled over EMAIL.  Yes, when you type
"ls" the NFS request packet gets UUENCODED into an email, sent over
sendmail, fed into a decoder and routed back into NFS, and then back.  A few
seconds later and you get a directory listing.  And frankly, I'm not sure
you want to know what besides http really goes over port 80.


In fact, it's quite easy to tunnel ssh through your http(s) proxy 
(do a google on proxytunnel) and it's most liekly that you can tunnel ssh
over a TLS telnet session, thiogh someone might have to be convinced that
writign such a thing is necesary ;) )

: original poster:

- SSH allows tunneling other protocols, circumventing firewall policies.


        Gerhard,  (faliquid () xs4all nl)   == The Acoustic Motorbiker ==       
-- 
   __0  Oh my God, the bomb has just dropped
 =`\<,  And everybody climbed right on top
(=)/(=) Singing,"What a beautifull country

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

SSH vs. TLS dante (Jun 29)
- Re: SSH vs. TLS Valdis . Kletnieks (Jun 29)
- Re: SSH vs. TLS Steve (Jun 29)
- <Possible follow-ups>
- RE: SSH vs. TLS Ng, Kenneth (US) (Jun 29)
  - Re: SSH vs. TLS Gerhard den Hollander (Jun 29)
- RE: SSH vs. TLS full-disclosure (Jun 29)
- RE: SSH vs. TLS List Bot (Jun 30)