Ottey, Daniel William on 27 Feb 2007 14:11:59 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

RE: [PLUG] Putty and firewall piercing


So is the traffic between my SSH client (putty) and the proxy server
also secure?

As you've seen from your visits here at Unisys, our firewall blocks
(among many other things) outbound port 22, so I run my home SSH server
on port 23 for more convenient access.  But I also run a proxy server on
that same box at home, which helps me to access programs such as gtalk
via gaim (since those ports are also blocked by the corporate firewall).
So I guess I could just change my setup so I could use the proxy
instead...

But I suppose there is also some overhead and perhaps delay for my box
at home to perform all the proxying.

Interesting!

PS.  Does anyone know if RDP (Microsoft's Terminal Services in Windows
XP) is secure traffic?  Right now I tunnel my RDP to a home box through
an SSH tunnel to be safe.

-----Original Message-----
From: plug-bounces@lists.phillylinux.org
[mailto:plug-bounces@lists.phillylinux.org] On Behalf Of Lee Marzke
Sent: Tuesday, February 27, 2007 1:06 AM
To: Philadelphia Linux User's Group Discussion List
Subject: [PLUG] Putty and firewall piercing

I had a situation where I needed to publish software to a Web server in
the DMZ,  but the firewall ( managed by a sister company ) only allowed
proxyed requests ( port 80, 443 ) to the DMZ, and no SSH, FTP, or
anything else.

Rather surprisingly I found that Putty includes a "proxy" tab in it's
configuration settings,  which does about the same thing as proxytunnel.

You might have to run a receiving SSH deamon on port 443 if the proxy is
restrictive, but
other than that - Putty will then tunnel SSH right through the proxy.

So outbound proxies
are really not that effective except in protecting the lusers.

Lee







___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug