bypassing employer's proxy to surf anonymously

From: gimeshell@web.de
Date: Mon Jun 12 2006 - 13:49:57 EDT


Hi,

perhaps subject sounds a little bit hard, but hard words are often
much clearer than polite words.

Someone is trying to find the smartest way to bypass an employer's
proxy from the intranet. You can see it as a principle: there is someone
who doesn't want you to do something, but you know you will be
better...because you are a geek.

First of all, it works, but I need help in fixing some flaws.

Situation:

Server: Windows 2000, proxy and simple packet filtering to eliminate
icmp traffic, dns traffic and some more packet types,
Client: Windows 2000, putty tunneling local port
There is no ip forwarding enabled on the server so I fortunately must use
the proxy's facilities. The proxy has the following 'special' ports open:
1080, 2121, 3128.

For port 3128 you must log in with username/password. It is known.
For port 2121 there is only a username without a password required.

Host A INSIDE...localport 4444--->ssh tunnel--->through PROXY/FIREWALL
(3128)--->Host B OUTSIDE (22) running privoxy (proxy server).

Problem:

Proxy is monitoring traffic and shows much suspicious traffic flowing to
xxx.xxx.xxx.xxx (https). That's the ssh tunnel to destination
with dynamic ip address.

Question:

Is there a solution to prevent proxy traffic monitor (and therewith
big brother) to see SSH traffic to dynamic ip? So that there isn't any
suspicious line in proxy traffic monitor's output? The best: Proxy
doesn't get notice of nasty traffic at all.

Perhaps there is some technique to hide data in unsuspicious packets?

regards,
gimeshell
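
The path described in this message reaches the proxy as a tunnelled session on port 3128, and PuTTY's HTTP proxy support carries such a session with the CONNECT method, which is what the proxy's traffic monitor records. The following is an added example, not part of the original post, of a check a proxy administrator can run over access logs to surface such sessions; the Squid-style log layout, the sample lines, the port policy and the 30-minute threshold are all constructed assumptions.

```python
import ipaddress

# Constructed sample lines in a Squid-style native access.log layout (assumed):
# time elapsed_ms client result/status bytes method target user peer type
SAMPLE_LOG = """\
1150134500.101 842 10.0.0.21 TCP_MISS/200 5310 CONNECT mail.example.com:443 alice DIRECT/198.51.100.7 -
1150134512.440 5400321 10.0.0.37 TCP_MISS/200 48211034 CONNECT 203.0.113.45:443 bob DIRECT/203.0.113.45 -
1150134530.007 120 10.0.0.21 TCP_MISS/200 10422 GET http://www.example.org/ alice DIRECT/192.0.2.10 text/html
1150134544.912 2200450 10.0.0.37 TCP_MISS/200 912004 CONNECT 203.0.113.45:22 bob DIRECT/203.0.113.45 -
"""

ALLOWED_CONNECT_PORTS = {443}      # assumption: policy allows CONNECT to 443 only
LONG_SESSION_MS = 30 * 60 * 1000   # assumption: 30 minutes is unusual for HTTPS

def is_ip_literal(host):
    """True when the CONNECT target is a bare IPv4/IPv6 address, not a name."""
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False

def score_connect(line):
    """Return (client, user, target, reasons) for a CONNECT entry, else None."""
    f = line.split()
    if len(f) < 10 or f[5] != "CONNECT":
        return None
    host, _, port = f[6].rpartition(":")
    reasons = []
    if is_ip_literal(host):
        reasons.append("ip-literal destination")
    if not port.isdigit() or int(port) not in ALLOWED_CONNECT_PORTS:
        reasons.append("non-HTTPS port")
    if int(f[1]) >= LONG_SESSION_MS:
        reasons.append("long-lived session")
    return f[2], f[7], f[6], reasons

def suspicious_tunnels(log_text, min_reasons=2):
    """Collect CONNECT entries that match at least min_reasons indicators."""
    hits = []
    for line in log_text.splitlines():
        scored = score_connect(line)
        if scored and len(scored[3]) >= min_reasons:
            hits.append(scored)
    return hits

if __name__ == "__main__":
    for client, user, target, reasons in suspicious_tunnels(SAMPLE_LOG):
        print(f"{client} {user} -> {target}: {', '.join(reasons)}")
```

Requiring two indicators keeps ordinary short HTTPS sessions to named hosts out of the result while still tying each hit to an authenticated proxy user.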




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:04 EDT