My experience... The ssh tunnel will allow you to bypass the web filters and download all the viruses and trojans without being noticed, until your machine sends out a million spam emails, and the IT guys notice it. Unfortunately I'm the IT guy, so I have to spend half a day fixing the machine. On Fri, Oct 17, 2008 at 05:23:19PM +0200, David M. Kaplan wrote: > Hi, > > My IT department is really heavy on security. From outside the > building, they have a rather complex system setup so that you can get > around the firewall and ssh into a single machine. From there, you have > to ssh into the machine you want to use. > > To simplify things, I have been using a tunnel to hop from my machine > directly (through the tunnel) to the machine I want to use in the > building. This has worked fine until a couple of days ago when IT > decided to prohibit tunneling for "security reasons" (attempting to use > the tunnel now responds with "channel 3: open failed: administratively > prohibited: open failed"). This has made it almost impossible to work > with the system. > > What I am wondering is exactly what "security risk" does an ssh tunnel > pose? I thought you used an ssh tunnel to enhance security, not the > other way around. Can someone give me a reason why it is a risk to > leave this open or give me good arguments that I can forward to IT for > why they should not prohibit tunneling? > > Thanks, > David > > > -- > ********************************** > David M. Kaplan > Charge de Recherche 1 > Institut de Recherche pour le Developpement > Centre de Recherche Halieutique Mediterraneenne et Tropicale > av. Jean Monnet > B.P. 171 > 34203 Sete cedex > France > > Phone: +33 (0)4 99 57 32 27 > Fax: +33 (0)4 99 57 32 95 > http://www.ur097.ird.fr/team/dkaplan/index.html > ********************************** > >
