On Thu, Sep 25, 2008 at 08:52:56AM -0700, Vieri Di Paola wrote: > > I've always used plain text. > It's the case right now. > So if the lines are not wrapped properly I apologize on behalf of Yahoo. :-) > (will try to write as little as possible for clearness) > Then don't worry about it. :-)
> > Understood. > > So basically, since it's absurd to block access to HTTPS sites from > "loc to net" and SSL traffic can't obviously be "sniffed" or "truely > proxied" then I have to live with the fact that, for example, a local > user could execute a program (which doesn't require admin rights) that > launches a custom, mini-vnc server and connects to a remote SSH server > which is actually listening on port 443. A remote user could then > connect to the SSH server and tunnel a vnc client to connect to my > local user's screen (s/vnc/rdp/g). > > Please let me know if I'm writing nonsense. > It makes sense. If your users are that savvy, there is not much you can do about it :-) Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
