[clug] secure remote access method [SEC=PERSONAL]

David Tulloh david at tulloh.id.au
Fri Jun 19 05:01:45 GMT 2009


jm wrote:
>
> What I'm trying to drive at with this thread is the assumption that 
> everything is open between you and your server. The  assumption is 
> your only trying to protect against eves dropping, man-in-the-middle, 
> and someone trying to crack your server. The internet is becoming less 
> open. There are firewalls out there that can be between you and your 
> server...
I think there are two things here, the first is that the internet 
becoming less open is only really happening in short sighted 
workplaces.  The real solution I see is to either not work there or 
change the policies.

The other thing is you are looking for a general solution to lots of 
different problems.
I don't have to deal with silly blocking at work, I just run normal ssh 
on a port other than 22.
If they blocked non-standard ports, use one left open (imap for example).
If you can only get out through a http proxy, make it look like http.
etc.

Personally, I would probably be looking for another job at around step 
three on that list.  Pedantically blocking everything seems like a whiff 
of a much bigger stench.

I don't think there will ever be a general 'this is the way we avoid 
stupid work restrictions' because a week later that's exactly what will 
be blocked.  The better question is why are they blocking stuff?
If it's a good reason why are you trying to get around it?
If it's a bad reason why are you still working there?


David


More information about the linux mailing list