[TriLUG] blocking outbound port 22

Matt Flyer via TriLUG trilug at trilug.org
Thu Oct 8 10:44:21 EDT 2015


This sounds like a perfect place to test the application Corkscrew:
http://www.techrepublic.com/blog/linux-and-open-source/using-corkscrew-to-tunnel-ssh-over-http/

"If you are in an environment that disallows the use of SSH and forces
the use of an HTTP proxy, it is possible to use that HTTP proxy as a
transport for SSH."

I worked at a place that was absurdly totalitarian with regard to their
web proxy.  As a design engineer I would frequently research technical
information and they would even block categorically university sites,
where you can get a lot of technical papers, as "educational sites
prohibited".

Using SSH to tunnel out of there was the quick and obvious answer.

Blocking port 22 simply makes the case for moving SSH to a non-standard
port, the old security through obscurity line.

> port ssh, can be easily used for tunneling
>
> I think, web proxy is in the blacklist for security reason.
>
> On Wed, Oct 7, 2015 at 5:22 PM, Ken Mink via TriLUG <trilug at trilug.org>
> wrote:
>
>>
>>
>> Sent from my iPhone
>>
>> > On Oct 7, 2015, at 16:52, Wes Garrison via TriLUG <trilug at trilug.org>
>> > wrote:
>> >
>> > I ran into a situation today I've never seen before.
>> >
>> > I was working at an engineering firm and their IT guy had all outbound
>> > traffic on port 22 blocked.
>> >
>> > Is there any sane reason to do this?
>> >
>> > I can't think of any reason to block SSH, but maybe I'm missing
>> > something.
>> >
>> > -Wes
>>
>> Sure, internal security policies. One place I worked had ALL outbound
>> traffic blocked. The only way out was web proxy, which also had quite
>> the blacklist.
>>
>> Ken
>>
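
Added example, not part of the original thread: the messages above point out that SSH blocked on port 22 can move to another port or ride through the HTTP proxy, so this Python example labels a flow by the cleartext SSH identification string (RFC 4253, section 4.2) rather than by destination port. The function names, labels and sample flows are constructed for illustration.

```python
import re

# RFC 4253, section 4.2: each side opens with the cleartext line
# "SSH-protoversion-softwareversion" before any key exchange.
SSH_IDENT = re.compile(rb"SSH-\d+\.\d+-[\x21-\x7e]+")
# Status line of a proxy's successful reply to an HTTP CONNECT request.
PROXY_OK = re.compile(rb"HTTP/1\.[01] 2\d\d ")


def find_ssh_ident(payload: bytes):
    """Return the SSH identification string found in the first lines, or None."""
    for line in payload.split(b"\n")[:10]:  # a server may send text lines first
        m = SSH_IDENT.match(line.strip())
        if m:
            return m.group(0)
    return None


def classify(dst_port: int, server_bytes: bytes) -> str:
    """Label a flow from the first bytes the remote side sent back."""
    tunnelled = False
    if PROXY_OK.match(server_bytes):
        # Skip the proxy's response header; the tunnelled data follows it.
        _head, sep, body = server_bytes.partition(b"\r\n\r\n")
        if not sep:
            return "not-ssh"
        server_bytes, tunnelled = body, True
    if find_ssh_ident(server_bytes) is None:
        return "not-ssh"
    if tunnelled:
        return "ssh-inside-proxy-connect"
    return "ssh" if dst_port == 22 else "ssh-on-nonstandard-port"


# Constructed sample flows: (destination port, first bytes from the server).
SAMPLE_FLOWS = [
    (22, b"SSH-2.0-OpenSSH_6.9\r\n"),
    (443, b"SSH-2.0-OpenSSH_6.9\r\n"),
    (3128, b"HTTP/1.0 200 Connection established\r\n\r\nSSH-2.0-OpenSSH_6.9\r\n"),
    (80, b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>"),
    (3128, b"HTTP/1.1 403 Forbidden\r\n\r\n"),
]

if __name__ == "__main__":
    for port, data in SAMPLE_FLOWS:
        print(port, classify(port, data))
```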


