On Wed, 30 Mar 2005 09:53:55 -0600, Brendan Arthurs
<brenarth at relodublin.com> wrote:
> On Wed, Mar 30, 2005 at 04:43:26PM +0100, Kieran.Tully AT acm.org wrote:
> > If ever given out to you can then point out that your ssh usage is
> > completely secure,
>> While the transport might be secure, SSH doesn't prevent you from
> connecting to a compromised box. If you use local port forwarding it
> could potentially allow an intruder inbound access via the remote
> machine.
Yes, completely secure is snake-oil, that email was slightly tongue in cheek.
It's amazing the number of firewall admins who aren't even aware of the
possibility of reverse ssh tunnels. Not to mention the covert channel
possibilities of other "harmless" traffic.
--
Kieran Tully, Software Developer and Tenor
Reply to Kieran.Tully AT acm.org
http://kieran.tul.lyhttp://www.cs.tcd.ie/~tullyka
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
