[clug] ssh, https and GoogleEarth

Daniel Black daniel.subs at internode.on.net
Wed Jan 10 12:16:23 GMT 2007

On Wednesday 10 January 2007 21:36, chris wrote:
> Hi list,
> Is there a way to completely block ssh traffic while permitting https
> traffic through over a network that uses a proxy to access the net? If
> you block outgoing traffic on port 22, then people can setup sshd to 
> listen on port 443.

Whitelist your proxy so you can only go to specific https sites.

> And the proxy will let you through because it thinks 
> you are visiting a https page. In other words, how can I distinguish
> between ssh traffic and SSL traffic?

http://l7-filter.sourceforge.net/ (iptables based has ssh and ssl pattern 
rules.) either say port 443 is allowed ssl or port 443 is not allowed ssh.

Some iptables rules about in/out volume ratios or connection time may work too 


Daniel Black
Proudly a Gentoo Linux User.
Gnu-PG/PGP signed and encrypted email preferred
GPG Signature D934 5397 A84A 6366 9687  9EB2 861A 4ABA 7667 7097
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20070110/83c688e5/attachment.bin

More information about the linux mailing list