Comments on: SSH From Behind a Firewall via HTTP Proxy http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/ I will not fix your computer. Tue, 04 Aug 2020 22:34:33 +0000 hourly 1 https://wordpress.org/?v=4.7.26 By: Evgeny http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-23952 Fri, 09 Nov 2012 13:28:50 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-23952

And what solution could be applied when SSL access is also blocked on proxy?

Reply  |  Quote
]]>
By: DanZei » Blog Archiv » SSH durch eine Firewall über HTTP tunneln http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-13351 Wed, 14 Oct 2009 09:36:28 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-13351

[…] öffentlich zugänglich ist, seine Pakete anvertraut. Wie das ganze genau funktioniert, finde man hier. Tags » Autor: Nino Datum: Mittwoch, 14. Oktober 2009 11:36 Trackback: Trackback-URL […]

]]>
By: Chris Wellons http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-13155 Fri, 11 Sep 2009 14:40:35 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-13155

@ Luke Maciak:

Your main page is unblocked now, but the “Older Entries” link to the second page of articles is blocked since (I guess) it contains this article. The block seems to be automatically following that “offending” link. So it’s mostly back to normal.

Note, despite this, this specific post of yours isn’t blocked. Only when it appears along with other entries. Websense must not crawl very deeply.

Reply  |  Quote
]]>
By: Luke Maciak http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-13149 Fri, 11 Sep 2009 01:52:07 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-13149

@ Chris Wellons:

Aw, crap. Sigh… Well, it’s not like I wasn’t blocked before. I think some schools blocked me for obscene language and other similar infractions. :P

@ Craig A. Betts:

Yeah. I’m sure this can be exploited in various nasty ways.

@ Kenny:

Actually, the firewall I was behind was blocking outbound pings. You could ping stuff on the local network, but not outside. I’m fairly sure it was specifically to prevent this type of thing. :P

@ Brian:

Sigh… I’m 99.9% sure this is spam, but I’ll allow it because it’s on topic.

Reply  |  Quote
]]>
By: Brian http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-13138 Wed, 09 Sep 2009 02:37:00 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-13138

If you are looking to find a list of working http proxies, you can look here: http://www.pxylst.info

Proxies are scanned hourly to ensure that they are working!

Reply  |  Quote
]]>
By: Kenny http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-13137 Tue, 08 Sep 2009 19:34:17 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-13137

You should also consider setting up Ping Tunnel some time when you’re not behind the firewall. TCP tunnelled over ICMP.

It’s very useful for networks where even HTTP is blocked (or requires payment).

Reply  |  Quote
]]>
By: Craig A. Betts http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-13120 Fri, 04 Sep 2009 14:53:02 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-13120

I wouldn’t get too comfortable with this method. While it is a great way for you to be productive, it also allows malware to make it’s way out as well. Many companies are starting to pay attention to what goes through their proxies. SSH stands out like a sore thumb.

Reply  |  Quote
]]>
By: Chris Wellons http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-13119 Fri, 04 Sep 2009 14:51:59 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-13119

I just noticed something: posting this tunneling information on your blog may have an annoying consequence. Your blog is suddenly blocked here at work by Websense under the category “Proxy Avoidance”. Maybe (hopefully) this isn’t permanent and will go away when the corkscrew link drops off the main page, or else people like me will always have to tunnel our way here when visiting from work.

Reply  |  Quote
]]>
By: Chris Wellons http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-13118 Fri, 04 Sep 2009 14:22:28 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-13118

SSH tunnels are wonderful things. They make holes big enough to fly an airplane through. On occasion I have even SSHed back through an SSH tunnel.

I too just run my home ssh server on port 443 all the time. That way I am always prepared to route around almost anything. This also has the added bonus of greatly reducing the attacks on my ssh server, especially when I run an ssh honeypot on 22.

Reply  |  Quote
]]>
By: Rob http://www.terminally-incoherent.com/blog/2009/09/03/ssh-from-behind-a-firewall-via-http-proxy/#comment-13117 Fri, 04 Sep 2009 12:50:31 +0000 http://www.terminally-incoherent.com/blog/?p=3726#comment-13117

@ reacocard:
That’s how I do it too. Work’s nice because not many admins are going to block 443, so I should be able to tunnel home from anywhere (in theory).

Reply  |  Quote
]]>