[ILUG] SSH bandwidth usage.
Kieran.Tully AT acm.org
kieran.tully at gmail.com
Wed Mar 30 17:25:31 IST 2005
On Wed, 30 Mar 2005 09:53:55 -0600, Brendan Arthurs
<brenarth at relodublin.com> wrote:
> On Wed, Mar 30, 2005 at 04:43:26PM +0100, Kieran.Tully AT acm.org wrote:
> > If ever given out to you can then point out that your ssh usage is
> > completely secure,
>
> While the transport might be secure, SSH doesn't prevent you from
> connecting to a compromised box. If you use local port forwarding it
> could potentially allow an intruder inbound access via the remote
> machine.
Yes, completely secure is snake-oil, that email was slightly tongue in cheek.
It's amazing the number of firewall admins who aren't even aware of the
possibility of reverse ssh tunnels. Not to mention the covert channel
possibilities of other "harmless" traffic.
--
Kieran Tully, Software Developer and Tenor
Reply to Kieran.Tully AT acm.org
http://kieran.tul.ly http://www.cs.tcd.ie/~tullyka
More information about the ILUG
mailing list