[TriLUG] blocking outbound port 22

William Sutton via TriLUG trilug at trilug.org
Thu Oct 8 15:39:57 EDT 2015


Some places take data seepage very seriously.  Where I work, they've 
pushed out (via Windows GPO) software that automatically encrypts any USB 
keys that get plugged into a workstation.  Which kills transferring 
firmware from your PC to an appliance, but also keeps you from handing off 
sensitive information to someone less than trustworthy.

William Sutton

On Thu, 8 Oct 2015, bak via TriLUG wrote:

> Long ago in a far away land when I was but a nerdling, I was let go from a (rather terrible temporary) job for doing this.
>
> These days I would have just used the data connection I carry around in my pocket all the time.
>
> —bak
>
>> On Oct 8, 2015, at 10:44, Matt Flyer via TriLUG <trilug at trilug.org> wrote:
>> 
>> This sounds like a perfect place to test the application Corkscrew:
>> http://www.techrepublic.com/blog/linux-and-open-source/using-corkscrew-to-tunnel-ssh-over-http/
>> 
>> " If you are in an environment that disallows the use of SSH and forces
>> the use of an HTTP proxy, it is possible to use that HTTP proxy as a
>> transport for SSH."
>> 
>> I worked at a place that was absurdly totalitarian with regards to their
>> web proxy.  As a design engineer I would frequently research technical
>> information and they would even block categorically university sites,
>> where you can get a lot of technical papers, as "educational sites
>> prohibited".
>> 
>> Using SSH to tunnel out of there was the quick and obvious answer.
>> 
>> Blocking port 22 simply makes the case for moving SSH to a non-standard
>> port, the old security through obscurity line.
>> 
>>> port ssh, can be easily used for tunneling
>>> 
>>> I think, web proxy is in the blacklist for security reason.
>>> 
>>> On Wed, Oct 7, 2015 at 5:22 PM, Ken Mink via TriLUG <trilug at trilug.org>
>>> wrote:
>>> 
>>>> 
>>>> 
>>>> Sent from my iPhone
>>>> 
>>>>> On Oct 7, 2015, at 16:52, Wes Garrison via TriLUG <trilug at trilug.org> wrote:
>>>>> 
>>>>> I ran into a situation today I've never seen before.
>>>>> 
>>>>> I was working at an engineering firm and their IT guy had all outbound
>>>>> traffic on port 22 blocked.
>>>>> 
>>>>> Is there any sane reason to do this?
>>>>> 
>>>>> I can't think of any reason to block SSH, but maybe I'm missing something.
>>>>> 
>>>>> -Wes
>>>> 
>>>> Sure, internal security policies. One place I worked had ALL outbound
>>>> traffic blocked. The only way out was web proxy, which also had quite
>>>> the blacklist.
>>>> 
>>>> Ken
>>>> 
>> 
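
The thread's point that a port-22 block filters on port number rather than protocol can be checked from the monitoring side. The following is an added example, not part of any poster's message: it classifies the first client-to-server bytes of a flow by the SSH identification string (RFC 4253, section 4.2), including when that string follows an HTTP CONNECT request. The function names, labels, and sample flows are constructed for illustration, and `host.example` is a placeholder.

```python
import re

# RFC 4253 s4.2: "SSH-protoversion-softwareversion[ SP comments] CR LF"
SSH_ID = re.compile(rb"SSH-(\d+\.\d+)-([^\s-]+)")
# Request line of an HTTP CONNECT tunnel request sent to a proxy
CONNECT = re.compile(rb"CONNECT (\S+):(\d+) HTTP/1\.[01]\r\n")


def find_ssh_banner(data, max_lines=5):
    """Return the SSH software version if an identification line
    appears within the first few lines of data, else None."""
    for line in data.split(b"\n")[:max_lines]:
        m = SSH_ID.match(line)
        if m:
            return m.group(2).decode("ascii", "replace")
    return None


def classify(dst_port, client_bytes):
    """Label a flow from its destination port and first client bytes."""
    if CONNECT.match(client_bytes):
        # Bytes after the blank line are what the client sends
        # through the proxy once the tunnel is established.
        _, _, tunneled = client_bytes.partition(b"\r\n\r\n")
        if find_ssh_banner(tunneled):
            return "ssh-over-http-connect"
        return "http-connect"
    if find_ssh_banner(client_bytes):
        return "ssh" if dst_port == 22 else "ssh-nonstandard-port"
    return "other"


# Constructed sample flows: (destination port, first client bytes)
BANNER = b"SSH-2.0-OpenSSH_6.9\r\n"
REQ = b"CONNECT host.example:443 HTTP/1.1\r\nHost: host.example:443\r\n\r\n"
SAMPLES = [
    (22, BANNER),
    (443, BANNER),
    (3128, REQ + BANNER),
    (3128, REQ + b"\x16\x03\x01\x02\x00\x01"),  # TLS ClientHello prefix
    (80, b"GET / HTTP/1.1\r\nHost: host.example\r\n\r\n"),
]

if __name__ == "__main__":
    for port, data in SAMPLES:
        print(port, classify(port, data))
```

This only sees a cleartext identification string; SSH carried inside another encrypted layer would need a different signal.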

