polishlinux.com — Ever wanted to access some service like e-mail or instant messaging from your computer only to find out that it is not available within your restricted network? Not anymore. The article presents the most popular scenarios of using SSH tunneling to bypass numerous firewall rules like port blocking, proxies and more.
Aug 22, 2006 View in Crawl 4
monergismAug 22, 2006
Ludwig, how you spend your company's money is their business. How did you come to your conclusion?
idonthackAug 23, 2006
Just block the SSH port.
knightnetAug 23, 2006
The point about an SSH tunnel is that it appears to the proxy/firewall as a legitimate HTTPS connection. Whilst you CAN ban these, it is unlikely to be allowed by the organisation as it would negate many legitimate uses. You can only really control this by restricting Internet connections to specific hosts - unlikely to be in any way useful, better not to have an Internet connection at all.It is important for any organisation to realise that you can not use technology to solve ALL security issues.
bigbro69Aug 23, 2006
Or they can use a service that filters out packets that aren't HTTP. That's what my school does.
gilouAug 23, 2006
And even if you don't have any access to the net, you may have DNS activated... So you could use iodined to get a virtual network interface over DNS... Check it out at <a class="user" href="http://code.kryo.se/iodine/">http://code.kryo.se/iodine/</a>And like others have mentioned, you can bypass your firewall without so many tunnels / socks. Just have one tunnel to the TCP port of any VPN application and have your server NATing for you. vtund can be set up in 2 minutes. Really : worth it ;)
tinnedtunaAug 23, 2006
Errrm, no offense or anything, but I've been doing this for ages! I even pull the actual apps from my server (given that the client has X11) using the -Y flag. Then all my chats/mails/bookmarks are centeralised. I even do this for some spreadsheets and word processing apps!And yes, it can punch a hole through almost any firewall. Failing that, turn the HTTP service off on the server, and use -D 80 problem sorted.
dmbuzzAug 23, 2006
jdawg what bulls**t are you talking about ?
ajmsscAug 23, 2006
This is all old news, and there are ways to block it, even on port 443. There are HTTPS proxies that verify that the communication is truly HTTPS
dmbuzzAug 23, 2006
I have Qwest DSL and I don't see any metering on my torrents.
sneakygroupApr 5, 2007
<a class="user" href="http://www.t1proxy.com">http://www.t1proxy.com</a><a class="user" href="http://www.sneakydude.com">http://www.sneakydude.com</a><a class="user" href="http://proxy.arcadeholic.com">http://proxy.arcadeholic.com</a><a class="user" href="http://www.sneaky1.com">http://www.sneaky1.com</a><a class="user" href="http://www.pbase.org">http://www.pbase.org</a><a class="user" href="http://www.gaderos.com">http://www.gaderos.com</a><a class="user" href="http://www.jdm.in">http://www.jdm.in</a><a class="user" href="http://www.ray9.com">http://www.ray9.com</a><a class="user" href="http://www.sneakyman.com">http://www.sneakyman.com</a><a class="user" href="http://www.sneakygroup.com">http://www.sneakygroup.com</a>More can be found in this group : <a class="user" href="http://groups.google.com/group/sneakygroup">http://groups.google.com/group/sneakygroup</a>
wolfgang123usaApr 28, 2007
try this you have to install a proxy tunnel yourself at your home computer. Here the HowTo <a class="user" href="http://sharkssl.com/44100/viewforum.php?f=4&sid=b71f75cbde257e319c1b7a5b6a64834d">http://sharkssl.com/44100/viewforum.php?f=4&sid=b71f75cbde257e319c1b7a5b6a64834d</a> , all the HowTo are made for the free version of BarracudaDrive , called homeserver. When you buy the professional version the proxy is allready buildt in. The free and the professional version you find at <a class="user" href="http://barracudaserver.com/products/BarracudaDrive/HttpsTunnel.html">http://barracudaserver.com/products/BarracudaDrive/HttpsTunnel.html</a> enjoy, Wolfgang
xandrozJul 2, 2007
instead of using SSH use IPSEC<a class="user" href="http://www.jaec.info/Firewall/VPN%20Firewall/firewall-vpn-introduction-1.php">http://www.jaec.info/Firewall/VPN%20Firewall/firewall-vpn-introduction-1.php</a>
spatesJul 9, 2008
If you are looking for a fresh high speed web-proxy to access blocked sites at work and school or you just want to surf the web anonymously you should try <a class="user" href="http://www.browsejunk.com">http://www.browsejunk.com</a> this web-proxy is brand new and great for streaming vidoes!!!