On Monday 18 February 2008, Mick wrote:
> Hi All,
>
> I think that I have confused myself with this.  I am behind a
> firewall/http proxy which seems to only allow outbound connections on
> ports 80 & 443 for web browsing.  This is not enough for me, as I
> would like to use my mail client to send and receive mail from behind
> the firewall.
>
> I tried connecting to ssh servers which listen on different ports,
> besides tcp/22 and I was not successful.  This is probably an
> indication that the internet gateway machine only accepts connections
> for packets that have a destination to ports 80 & 443.
>
> If the above is correct, am I right to assume that to be able to run
> a tunnel through this internet gateway I should run something like:
>
> ssh -L 2222:localhost:443 [EMAIL PROTECTED]

Yup, that's pretty much it. Essentially you have set up a tunnel from 
port 2222 on the local machine (the exact port is irrelevant for 
firewall purposes, it's mostly random in normal connections anyway) to 
port 443 on remote_sshd.com.

Hopefully you have control over that remote host and now you can do 
anything you feel like from there, bypassing probably hours of work by 
some firewall admin <evil grin>

Which all goes to show the utter futility of firewalling outbound 
connections from anyone with clue > 0. Unless of course ...

> or are ssh packets somehow distinguishable by their headers, so that
> a cleverly crafted firewall will still identify them and drop them?

There are such products around, called names like Level 7 firewalls etc. 
They look inside packets and try to deduce what's being transported. 
HTML traffic is easy: just look for appropriate URLs. https is less so; 
to the best of my knowledge, https traffic looks a whole lot like ssh, 
as they are basically wrapped in the same layer. The essential 
difference is the remote port number.

Try the above and see what happens

-- 
Alan McKinnon
alan dot mckinnon at gmail dot com
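An added example, not code from either poster, illustrating the two points of the thread: what a port-only gateway versus a "Level 7" firewall actually checks, and how the tunnel command is assembled. The classifier keys on the first bytes a client sends: an SSH client's RFC 4253 identification string ("SSH-2.0-..."), a TLS handshake record carrying a ClientHello, or an HTTP request line. The three sample streams are constructed inline, not captured. The tunnel helper assumes the remote sshd has been configured to listen on tcp/443 and that the client selects that port with `-p 443` (the `-L` option only defines the local forward); the host name `remote_sshd.com` comes from the thread, while the forwarded mail ports (1143 to IMAP, 2525 to SMTP on the remote side) and the user name are assumptions.

```python
"""Layer-7 protocol classification versus port-only filtering.

Added example (not code from the thread). The sample streams below
are constructed, not captured from a network.
"""

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"CONNECT ", b"PATCH ")


def build_client_hello() -> bytes:
    """Constructed minimal TLS 1.2 ClientHello: one cipher suite, no extensions."""
    body = (b"\x03\x03"            # client_version: TLS 1.2
            + b"\x00" * 32         # random (all zeros; constructed)
            + b"\x00"              # session_id length 0
            + b"\x00\x02\x13\x01"  # cipher_suites: one entry
            + b"\x01\x00")         # compression_methods: null only
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = client_hello
    return b"\x16\x03\x01" + len(handshake).to_bytes(2, "big") + handshake  # record header


SSH_BANNER = b"SSH-2.0-OpenSSH_9.6\r\n"     # RFC 4253 identification string, sent in clear
TLS_CLIENT_HELLO = build_client_hello()
HTTP_REQUEST = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"


def classify(first_bytes: bytes) -> str:
    """Guess the application protocol from the first bytes the client sends."""
    if first_bytes.startswith(b"SSH-"):
        return "ssh"
    if (len(first_bytes) >= 6
            and first_bytes[0] == 0x16                     # TLS record type: handshake
            and first_bytes[1] == 0x03 and first_bytes[2] <= 0x04   # SSL3/TLS version
            and first_bytes[5] == 0x01):                   # handshake type: ClientHello
        return "tls"
    if first_bytes.startswith(HTTP_METHODS):
        return "http"
    return "unknown"


def port_only_allows(dst_port: int) -> bool:
    """The gateway described in the thread: destination port is the only criterion."""
    return dst_port in (80, 443)


# Expected protocol per permitted port (assumed policy for the example).
L7_POLICY = {80: {"http"}, 443: {"tls"}}


def layer7_allows(dst_port: int, first_bytes: bytes) -> bool:
    """Port filter plus payload check: the protocol must match what the port is for."""
    return classify(first_bytes) in L7_POLICY.get(dst_port, set())


def tunnel_argv(remote_host: str, sshd_port: int, forwards: dict[int, str]) -> list[str]:
    """Build the ssh argv for the setup in the thread: sshd on the remote host
    listening on a firewall-permitted port, local ports forwarded through it.
    `forwards` maps local_port -> 'host:port' as seen from the remote side."""
    argv = ["ssh", "-p", str(sshd_port), "-N"]   # -N: no remote command, forwards only
    for local_port, target in sorted(forwards.items()):
        argv += ["-L", f"{local_port}:{target}"]
    argv.append(remote_host)
    return argv


if __name__ == "__main__":
    for name, stream in (("ssh", SSH_BANNER), ("tls", TLS_CLIENT_HELLO), ("http", HTTP_REQUEST)):
        print(f"{name:4} stream -> classified {classify(stream):7} "
              f"port-only@443={port_only_allows(443)} layer7@443={layer7_allows(443, stream)}")
    # Assumed mail forwards: local 1143 -> remote IMAP, local 2525 -> remote SMTP.
    print(" ".join(tunnel_argv("remote_sshd.com", 443,
                               {1143: "localhost:143", 2525: "localhost:25"})))
```

Running it shows the gap between the two filters: all three streams pass the port-only check on 443, but only the ClientHello passes the layer-7 check, because the SSH identification string is plaintext and trivially matched. Whether a given gateway does this inspection is what the "try the above and see" test in the reply establishes.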

-- 
gentoo-user@lists.gentoo.org mailing list