[clug] ssh, https and GoogleEarth

chris u4123459 at anu.edu.au
Wed Jan 10 10:36:00 GMT 2007

Hi list,

Is there a way to completely block ssh traffic while permitting https
traffic through over a network that uses a proxy to access the net? If
you block outgoing traffic on port 22, then people can setup sshd to
listen on port 443. And the proxy will let you through because it thinks
you are visiting a https page. In other words, how can I distinguish
between ssh traffic and SSL traffic?

Just another unrelated issue, I am within a Novell network environment
(Novell Core Protocol sits above all other protocols), I use a proxy to
access the net. While Firefox in windows has no issues to authenticate
itself using a Java program, which is invisible to the user end, but
Firefox in Debian keeps saying "the data area passed to a system call is
too small", I looked it up on Google but didn't find out anything
remarkably helpful.

I don't know how the authentication works, it doesn't require a user ID
or password, if you are running Windows on a laptop and you can pass the
authentication straight away by connecting to the network and get an IP
off the DHCP server.

My workaround is that I am setting my Debian laptop as a router for
another machine that runs XP, as soon the the XP box gets a page from
say www.google.com, my debian is able to use the net without any
trouble. Alternative I can copy the IP and Mac off any box already been
authenticated and stick them in my setting.

Once my net is usable on Debian, if I try to use GoogleEarth, it gets
stuck on contacting server. I can use GoogleEarth perfectly on the XP
box behind my Debian laptop. If I use a ssh tunnel to use a remote
proxy, GoogleEarth will work okay. Any idea what might be causing all this?



More information about the linux mailing list