This isn't the exact page I saw but is similar in concept.
http://www.netobjective.com/java/telnet.html
As I suspected, their actual proxy has been "temporarily shut down" because
of "malicious use", but you can still see the java client portion. The proxy
itself seems to be able to bind to any port (443 is a good choice given the
proliferation of HTTP proxies deployed in perimeter defences nowadays) and
the client can be run in appletviewer with security set to unrestricted to
allow it to connect to any Java Proxy Server on the web.
--
Gene Lee
[EMAIL PROTECTED]
[EMAIL PROTECTED]
-----Original Message-----
From: Gene Lee <[EMAIL PROTECTED]>
To: Daniel Garcia <[EMAIL PROTECTED]>
Cc: John Cheswick <[EMAIL PROTECTED]>; [EMAIL PROTECTED]
<[EMAIL PROTECTED]>
Date: Sunday, January 23, 2000 8:44 PM
Subject: Re: Telnet/SSH through HTTP proxy??
>I'm sorry, this was a bad example. I did a quick search on "Java Telnet
>Applet" and included the first site it returned without properly checking. A
>while ago, somewhere on the web, I ran into a Java Applet which tunneled
>telnet data over HTTP and the real connection was made from that web server
>to any destination you specified.
>
>You are right that any unsigned applet can only make connections back to the
>originating web-server, and this one did. The outbound telnet connection was
>made by the web server, not the web browser. It acted as a telnet proxy of
>sorts. Personally I doubt this applet still exists in that form as the
>potential for semi-anonymous cracking attempts probably made it an
>attractive web site.
>
>I'll forward the URL if I do manage to dig it up...
>
>--
>Gene Lee
>[EMAIL PROTECTED]
>[EMAIL PROTECTED]
>-----Original Message-----
>From: Daniel Garcia <[EMAIL PROTECTED]>
>To: Gene Lee <[EMAIL PROTECTED]>
>Cc: John Cheswick <[EMAIL PROTECTED]>; [EMAIL PROTECTED]
><[EMAIL PROTECTED]>
>Date: Sunday, January 23, 2000 8:27 PM
>Subject: Re: Telnet/SSH through HTTP proxy??
>
>
>>On Sun, 23 Jan 2000, Gene Lee wrote:
>>> >I'm not worried about some wizzo hand-crafting
>>> >packets; what I'm more wondering is if there are
>>> >already tools out there that do this. Pointers
>>> >anyone?
>>>
>>> One thing you really have to worry about are all these Java Telnet Applets
>>> springing up all over the place. Good example of one is:
>>> http://edcen.ehhs.cmich.edu/telnet.html
>>
>>Why? The telnet applets like the one you showed here use regular telnet
>>to connect to their host. They're not tunnelling over http. That web
>>page is -no- different than opening up a telnet client to edcen.ehhs.cmich.edu
>>and if your firewall blocks outbound telnet then that applet won't work
>>either!
>>
>>> It is hardcoded to telnet only to a specific host, but there are probably
>>> some on the net which are not security-conscious and allow you to specify
>>> exactly where you want to telnet to. Hard thing is deciding if you want to
>>> block Java at the proxy, since a lot of organizations are using Java to
>>> deploy legitimate web-based applications.
>>
>>Actually - that has nothing to do with how the applet is coded or the site
>>it comes from. It is a limitation in the applet security model. Applets
>>are -only- allowed to make network connections to the machine they were
>>downloaded from. A signed applet would be able to go to other sites, but
>>again, if your firewall blocks telnet access, then the applet won't be
>>able to get through.
>>
>>Now, I suppose you could make a connection over port 80 if your firewall
>>just blindly allows access through port 80. If the firewall does some
>>kind of proxying, and only allows valid HTTP through, then tunneling something
>>like telnet becomes a little trickier (or maybe more than a little).
>>
>>I haven't seen an applet yet that does this (doesn't mean it isn't out
>>there though :)
>>
>>--Dg
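
Added example, not part of the original thread: a sketch of the first-bytes check that separates a firewall which "blindly allows" port 80 or 443 from one that only passes the protocol expected on that port. The function names and sample byte strings are constructed for illustration; traffic wrapped in well-formed HTTP requests, like the applet described above, passes this check and needs inspection at the proxy's application layer instead.

```python
import re

# Request line per HTTP/1.x: METHOD SP target SP HTTP/1.d CRLF
_HTTP_REQUEST_LINE = re.compile(rb"^[A-Z]{3,10} [\x21-\x7e]+ HTTP/1\.[01]\r\n")
_TELNET_IAC = 0xFF
_TELNET_NEGOTIATION = {0xFB, 0xFC, 0xFD, 0xFE}  # WILL, WONT, DO, DONT


def classify_first_bytes(data: bytes) -> str:
    """Label the opening bytes a client sent: http, tls, telnet or unknown."""
    if _HTTP_REQUEST_LINE.match(data):
        return "http"
    # TLS record header: type 0x16 (handshake), version 3.x, 2-byte length,
    # followed by handshake type 0x01 (ClientHello).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return "tls"
    # Telnet option negotiation starts with IAC and a WILL/WONT/DO/DONT command.
    if len(data) >= 3 and data[0] == _TELNET_IAC and data[1] in _TELNET_NEGOTIATION:
        return "telnet"
    return "unknown"


def proxy_decision(port: int, data: bytes) -> str:
    """Allow only the protocol expected on the port; reject everything else."""
    expected = {80: "http", 443: "tls"}.get(port)
    seen = classify_first_bytes(data)
    return "allow" if expected is not None and seen == expected else "reject"


# Constructed sample openings (not captured traffic).
SAMPLES = {
    "http_get": b"GET /index.html HTTP/1.0\r\nHost: example.test\r\n\r\n",
    "tls_hello": bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01, 0x00, 0x00, 0x2B]),
    "telnet_neg": bytes([0xFF, 0xFB, 0x18, 0xFF, 0xFB, 0x1F]),  # IAC WILL TTYPE, IAC WILL NAWS
    "raw_text": b"login: ",
}

if __name__ == "__main__":
    for name, payload in SAMPLES.items():
        for port in (80, 443):
            print(f"{name:10s} port {port}: {proxy_decision(port, payload)}")
```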