Detecting SSH tunnels on a linux firewall

Dave Long long.dave at gmail.com
Wed Jan 10 10:47:37 MST 2007


On 1/10/07, Matthew Walker <rorith at kydance.net> wrote:
>
> On Wed, January 10, 2007 10:15 am, Kyle Robinson wrote:
> >
> > Force the HTTP traffic into a transparent proxy.
> >
>
> Won't work. I can use PuTTY to create an SSH tunnel to a server I control
> running Squid, and direct my local browser to use the localhost port as
> proxy. This routes the entire request through the SSH tunnel to the remote
> Squid server, which then handles the request from there.
>
> There is no way to stop this short of forbidding SSH connections to
> external servers.

This situation where the user is ssh'ing to an outside box (from
inside the network) to a box presumably with squid is what I am trying
to determine. I do not want to be an evil admin and block all ssh
access.

-- 
Dave Long
long.dave at gmail.com


