SSH Security (was: SSH & VNC discovery)

Mark,

Opening outbound SSH on the firewall is a desire I've seen from a lot of
people over the last few years. I can understand both the request and
the reason for not allowing it.

If you have a policy where you severely limit outbound connections (to
FTP and HTTP), not allowing SSH is a good idea. Once you've got SSH
going, you can tunnel any other TCP port and can bypass certain
logging/blocking mechanisms they may have in place such as a web proxy
server with a content filter.

-ME

-----Original Message-----
From: ssh-l-admin@erdelynet.com [mailto:ssh-l-admin@erdelynet.com] On
Behalf Of Mark Moriarty
Sent: Saturday, December 28, 2002 1:37 PM
To: ssh-l@erdelynet.com
Subject: RE: SSH & VNC discovery

You have to love those standards :) -- I quickly learned I had to open
port
22 on my firewall, but it sounded like your ssh had been up and running,
which meant 22 all set, just stuck on how to get VNC riding on it.

(Now if only I could get work to open port 22... Always strikes me as
silly
that I'm allowed to use FTP and HTTP (initiated by me from behind the
work
FW), but God forbid I be allowed to use a secure protocol for
obtaining/sending things to the outside world :)

--
List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
List Archives:    http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Go to http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and enter your email address at the bottom to "Edit Options". If you don't know your password, have it emailed to you. Then unsubscribe.