Re: SSH thru HTTP? Sounds backwards.

["Steven Adams" <steve@xxxxxxxxxxxxx>]

Title: SSH thru HTTP? Sounds backwards.

I have tried this before, my work runs msproxy 2.0 and i wasent able to get passed it by using this.

 

I found an isa server and stole a user/pass from an admin, was using that fora while untill we moved buildings and now its all changed. :(..

 

Anyone know how to get passed ms proxy 2.0?

 

 

/Steve

----- Original Message -----

From: Michael French

To: security-discuss@xxxxxxxxxxxxxxxxx

Sent: Tuesday, October 14, 2003 4:58 AM

Subject: Re: SSH thru HTTP? Sounds backwards.

    Very easy.  I used to do this all the time at the last company I worked at because they did not allow ssh out and I wanted to log into my home box.  Actually, the remote server doesn't even have to be listening on port 80, I had ssh running on the standard 22 remotely.  I used a little program called corkscrew which can tunnel through many proxies.  It even compiles under cygwin so you can use it under Winbloze.  Check it out:

 

http://www.agroman.net/corkscrew/

 

Michael French

----- Original Message -----

From: Bernard Hoffman

To: security-discuss@xxxxxxxxxxxxxxxxx

Sent: Monday, October 13, 2003 11:04 AM

Subject: SSH thru HTTP? Sounds backwards.

Hello all.

A colleague asked me a question that I was unable to answer, so I thought one of you might be able to help.

He asked me "is it possible for someone inside my organization to twart security by ssh tunneling thru my HTTP proxy server to a destination SSH server listening on port 80".  I don't know what http proxy he's running and we didn't talk about SSL or 443 proxy - I'm assuming the same rules would apply.

My initial reaction was "no, it's not a hole", but then I thought about some "less intelligent" proxies that don't inspect packet content... and that was the end of my expertise.

Is it possible?  or better question, is it likely?
-=Berns

------
Bernard Hoffman
Captive Capital Corp.  (f.k.a. eMarket Capital, Inc.)
http://www.captivecorp.com