[clug] ssh, https and GoogleEarth

Daniel Black daniel.subs at internode.on.net
Wed Jan 10 12:16:23 GMT 2007


On Wednesday 10 January 2007 21:36, chris wrote:
> Hi list,
>
> Is there a way to completely block ssh traffic while permitting https
> traffic through over a network that uses a proxy to access the net? If
> you block outgoing traffic on port 22, then people can set up sshd to
> listen on port 443.

Whitelist your proxy so you can only go to specific https sites.

> And the proxy will let you through because it thinks 
> you are visiting a https page. In other words, how can I distinguish
> between ssh traffic and SSL traffic?

http://l7-filter.sourceforge.net/ (iptables-based; has ssh and ssl pattern
rules). Either say port 443 is allowed ssl or port 443 is not allowed ssh.

Some iptables rules about in/out volume ratios or connection time may work
too, maybe.

-- 

Daniel Black
--
Proudly a Gentoo Linux User.
Gnu-PG/PGP signed and encrypted email preferred
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x76677097
GPG Signature D934 5397 A84A 6366 9687  9EB2 861A 4ABA 7667 7097
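
The ssh-versus-ssl distinction discussed above can be made from the first bytes a client sends on the connection, and the two port 443 policies in the reply then behave differently for traffic that is neither. This is an added example, not part of the original post and not l7-filter's own patterns; the function names, policy names and sample payloads are constructed for illustration.

```python
import re
import struct

# RFC 4253 s4.2: each side opens with "SSH-protoversion-softwareversion".
SSH_BANNER = re.compile(rb"^SSH-(1\.\d+|2\.0)-[\x21-\x7e]+")

def classify_first_bytes(payload: bytes) -> str:
    """Label the first bytes of a TCP stream: 'ssh', 'tls', 'short' or 'other'."""
    if SSH_BANNER.match(payload):
        return "ssh"
    if len(payload) < 6:
        return "short"  # too little data to decide; look again on the next segment
    ctype, major, minor, rec_len = struct.unpack("!BBBH", payload[:5])
    # TLS record header: content type 22 (handshake), version 3.x, plaintext
    # length <= 2**14, and the first handshake message is ClientHello (type 1).
    # SSLv2-format hellos are not recognised and fall through to 'other'.
    if (ctype == 22 and major == 3 and minor <= 4
            and 0 < rec_len <= 2**14 and payload[5] == 1):
        return "tls"
    return "other"

def port443_verdict(payload: bytes, policy: str) -> str:
    """Apply one of the two policies from the reply (policy names are hypothetical)."""
    kind = classify_first_bytes(payload)
    if kind == "short":
        return "wait"
    if policy == "allow-ssl-only":   # port 443 is allowed ssl
        return "accept" if kind == "tls" else "drop"
    if policy == "deny-ssh":         # port 443 is not allowed ssh
        return "drop" if kind == "ssh" else "accept"
    raise ValueError(f"unknown policy: {policy}")

# Constructed sample payloads (not captured traffic).
SAMPLES = {
    "ssh banner": b"SSH-2.0-OpenSSH_4.3\r\n",
    "tls client hello": bytes.fromhex("16030100310100002d0301") + bytes(43),
    "plain http": b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n",
    "partial segment": b"\x16\x03",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:18} {classify_first_bytes(data):6}",
              port443_verdict(data, "allow-ssl-only"),
              port443_verdict(data, "deny-ssh"))
```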