|
|
Security Basics
Understanding and preventing reverse ssh tunnels Jul 27 2012 08:46AM a bv (vbavbalist gmail com) (1 replies) Re: Understanding and preventing reverse ssh tunnels Aug 03 2012 02:49AM Peter Thomas (peter hackertarget com) (2 replies) Re: Understanding and preventing reverse ssh tunnels Aug 03 2012 06:12PM !s3grim (persephane gmx eu) (1 replies) Re: Understanding and preventing reverse ssh tunnels Aug 07 2012 12:47PM Jeffrey Walton (noloader gmail com) (1 replies) RE: Understanding and preventing reverse ssh tunnels Aug 07 2012 03:39PM David Gillett (gillettdavid fhda edu) (1 replies) Re: Understanding and preventing reverse ssh tunnels Aug 07 2012 04:06PM Jeffrey Walton (noloader gmail com) |
|
Privacy Statement |
>
> If you have open ports you cannot restrict ssh tunnels or port
> forwarding within a SSH connection at the gateway as the communication
> is encrypted. The gateway / firewall will only see SSH traffic.
>
> To restrict tunnels you need to block ingress and egress traffic, and
> only provide web access over a proxy that does SSL mitm and looks for
> ssh over HTTP.
>
> In most cases forcing use of proxy and blocking direct access to
> external hosts will be enough.
>
>
> On Fri, Jul 27, 2012 at 6:46 PM, a bv <vbavbalist (at) gmail (dot) com [email concealed]> wrote:
> > Hi,
> >
> > How can i prevent reverse ssh tunnels?
> >
>
>
> --
> Regards,
>
> Peter
> --------------------------------------------------
> Security Scanning Tools On-line
> Web: http://hackertarget.com/
> --------------------------------------------------
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL
> certificate. We look at how SSL works, how it benefits your company and how
> your customers can tell if a site is secure. You will find out how to test,
> purchase, install and use a thawte Digital Certificate on your Apache web
> server. Throughout, best practices for set-up are highlighted to help you
> ensure efficient ongoing management of your encryption keys and digital
> certificates.
>
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> ------------------------------------------------------------------------
>
Hi,
SSH shouldn't be allowed to everyone at all.
SSH to any public host shouldn't be allowed.
SSH should only be allowed to REQUIRED external IPs from REQUIRED terminals.
--
Mustafa Qasim
me (at) mustu (dot) info [email concealed]
http://blog.mustu.info
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]