On Fri, Oct 19, 2001 at 02:21:27PM -0500, Miles Purdy wrote: > Hi folks, > > I want to SSH from home to work, but I can't, I can't get through the firewall, and >I don't administer it. I while back I thought I read an article (in Sysadmin?) where >a guy set up a SSH server at HOME, and ssh'd out, on port 80, from work to home, and >was then able to use that tunnel at home to administer his work machines. I can't >find what I thought I read anywhere. Will this even work?
You'd probably want to use port 443 instead of port 80. Many firewalls try to do some sort of inspection of port 80 traffic (http transparent proxy). ssl traffic is usually necessarily passed without any modification or substantial inspection. It would, however, be possible to detect that sort of reverse tunnel by looking at traffic patterns. Keystrokes in interactive sessions usually generate certain size packets. Statistical analysis of packet sizes in each direction of long lived tcp sessions could be very interesting. There was a paper on detecting the _real_ nature of tcp connections, but not ssh reverse tunnels specifically, at USENIX security a couple of years ago. Of course, you could make this sort of approach harder by being more clever. Depends on how much work you want to do. If you are caught doing this sort guerilla VPN-like thing and this is in violation of your employer's security policy (very likely) then your employer is well within its rights to fire you. No discussion needed - they could just escort you out the door. So ask yourself, is it really worth it? --- Mark Henderson, [EMAIL PROTECTED], [EMAIL PROTECTED] "Heilir �sir. Heilar �synjur. Heil sj� in fj�ln�ta fold." - Sigrdr�fum�l OpenPGP/GnuPG keys available at http://www.squirrel.com/pgpkeys.asc --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
