North American Network Operators Group


RE: "top secret" security does require blocking SSH

  • From: Derrick
  • Date: Sun Jul 09 16:04:15 2000

Blocking SSH is a weak solution. Many places I know allow telnet through
their firewalls and block ssh. Since I never allow telnet on any of my
servers I run SSH on both ports 22 and 23 so that these people can still
reach our servers. Unless you are running an application firewall that
explicitly checks the telnet protocol then you are not safe. The same ideas
have been around for years on port 80. MS DCOM Tunneling is one of the worst,
allowing full application client to server communication in packets wrapped
by HTTP headers so that they can traverse your proxy or firewalls on port
80. I am still waiting for the trojan that makes use of these features and
the intrinsic MS DCOM security model.

Derrick

> -----Original Message-----
> From: [email protected] [mailto:[email protected]]On Behalf Of
> Alex Bligh
> Sent: Sunday, July 09, 2000 3:43 PM
> To: Greg A. Woods
> Cc: [email protected]; [email protected]
> Subject: Re: "top secret" security does require blocking SSH
>
> [email protected] said:
> > Unfortunately we're rapidly approaching (if we're not already there) a
> > state of affairs where it is impossible to technically prevent inbound
> > and outbound covert channels
>
> No. We are just rapidly approaching the point where people realize
> it has always been the case that this is impossible.
>
> --
> Alex Bligh
> VP Core Network, Concentric Network Corporation
> (formerly GX Networks, Xara Networks)
>
>
>
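
Added example, not part of the original message or thread: a sketch of what checking the protocol rather than the port looks like, flagging an SSH identification string on a port the policy treats as telnet. The port-to-protocol table, function names and sample flows are constructed for illustration.

```python
import re

# RFC 4253 sec. 4.2: the server sends "SSH-protoversion-softwareversion";
# other lines may precede it, so search line starts rather than byte 0 only.
SSH_BANNER = re.compile(rb"^SSH-\d+\.\d+-[\x21-\x7e]+", re.MULTILINE)
# RFC 854: option negotiation is IAC (0xFF), WILL/WONT/DO/DONT (0xFB-0xFE), option.
TELNET_NEG = re.compile(rb"^(?:\xff[\xfb-\xfe][\x00-\xff])+")
HTTP_START = re.compile(
    rb"^(?:HTTP/1\.[01] \d{3}|(?:GET|POST|HEAD|PUT|OPTIONS|CONNECT) \S+ HTTP/1\.[01])"
)

# Assumed policy: the protocol a port-based filter believes each port carries.
EXPECTED = {22: "ssh", 23: "telnet", 80: "http"}


def identify(first_bytes: bytes) -> str:
    """Classify a stream by its first bytes, ignoring the port number."""
    if SSH_BANNER.search(first_bytes):
        return "ssh"
    if TELNET_NEG.match(first_bytes):
        return "telnet"
    if HTTP_START.match(first_bytes):
        return "http"
    return "unknown"


def audit(flows):
    """Return (port, expected, seen) for flows whose payload contradicts the port."""
    findings = []
    for port, first_bytes in flows:
        seen = identify(first_bytes)
        expected = EXPECTED.get(port)
        if expected is not None and seen != expected:
            findings.append((port, expected, seen))
    return findings


# Constructed sample: first server-to-client bytes of four flows.
SAMPLE_FLOWS = [
    (22, b"SSH-2.0-example_1.0\r\n"),
    (23, b"\xff\xfd\x18\xff\xfd\x20\xff\xfd\x23"),  # telnet DO negotiation
    (23, b"SSH-1.99-example_1.0\r\n"),              # SSH daemon on the telnet port
    (80, b"HTTP/1.1 200 OK\r\nServer: example\r\n"),
]

if __name__ == "__main__":
    for port, expected, seen in audit(SAMPLE_FLOWS):
        print(f"port {port}: policy expects {expected}, payload is {seen}")
```

A first-bytes check like this only catches protocols carried unwrapped; traffic wrapped in HTTP headers, the port 80 case the message describes, still classifies as `http` and needs inspection of the request content itself.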