Hosting Provided By

Re: Securing ssh tunnels.

From: Darren Reed <avalon(at)caligula.anu.edu.au>
Date: Thu Jun 26 2003 - 20:19:22 EDT

In some mail from Ivan Chavero, sie said:
>
>
> El mar, 24-06-2003 a las 19:54, Darren Reed escribió:

You cannot control what gets tunnelled inside of ssh.

Allowing ssh through is, in some ways, like saying allow any tcp connection to an outside host. There's no control over what connections can and cannot be made by the firewall.

> > Has anyone else come across this sort of reasoning ?

This is the exact problem: "can make secure conecctions of almost anything".

What use is a firewall for restricting connections if something like ssh is providing an easy conduit, not to mention an it being opaque, for every connection that you would otherwise block to go through ?

Darren Received on Thu Jun 26 21:19:12 2003

This message: [ Message body ]
Next message: Roy S. Rapoport: "Re: Securing ssh tunnels."
In reply to Ivan Chavero: "Re: Securing ssh tunnels."
Next in thread: Georg Graf: "Re: Securing ssh tunnels."
Reply: Georg Graf: "Re: Securing ssh tunnels."
Reply: Markus Friedl: "Re: Securing ssh tunnels."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:00 EDT

Do you need help?