Hosting Provided By

Re: Securing ssh tunnels.

From: Bill Weiss <houdini(at)nmt.edu>
Date: Fri Jun 27 2003 - 11:51:07 EDT

Roy S. Rapoport(rsr@inorganic.org)@Thu, Jun 26, 2003 at 06:17:01PM -0700:
> When dealing with a cleartext protocol (HTTP, telnet), your filters/proxies

That's where sshmitm and webmitm come in. You tell all of your users that, yeah, SSH/SSL is a great idea. But you have an obligation to see all outgoing traffic. They still get their stuff encrypted from point to point (with a small crack inbetween), you get to make sure they're not doing anything stupid. Same as you do with web traffic (transparent proxy) and telnet.

-- 
Bill Weiss
 
The right of the people to be secure in their persons, houses, papers, and
effects, against unreasonable searches and seizures, shall not be
violated, and no Warrants shall issue, but upon probable cause, supported
by oath or affirmation, and particularly describing the place to be
searched, and the persons or things to be seized.
	--	The fourth amendment

Received on Fri Jun 27 13:16:03 2003

This message: [ Message body ]
Next message: Michael Martinez: "Regarding the sftp logging patch: complaints, criticism, praise, etc."
Previous message: Atro Tossavainen: "Re: Sftp Logging Patch"
In reply to Roy S. Rapoport: "Re: Securing ssh tunnels."
Next in thread: Greg A. Woods: "Re: Securing ssh tunnels."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:00 EDT