Proxy.

[d10b]

I'm at work behind a proxy server which I believe blocks SSH port 22 (i cannot connect to any shell account or even ping or telnet w/ port 25). Can I use port 80 out from here to connect to port 22 or whatever other port on a remote computer?

I have putty and I'm looking through the docs. I've also found many links related to this but none quite fit. While I'm researching I was wondering if anyone had any pointers or advice.

For you people at work with web filtering I found this great website to bypass that http://hidebehind.com

[bad_brain]

hmmm....depends on what rights you have on the remote box. if you´re able to edit the ssh config it´s no problem to use make the ssh server listen on a different port, but you can´t use a port which is already assigned and runs a service.

[d10b]

hmmm....depends on what rights you have on the remote box. if you´re able to edit the ssh config it´s no problem to use make the ssh server listen on a different port, but you can´t use a port which is already assigned and runs a service.

I don't leave my computer at home turned on. This is a shell account at rootshells.be so I have no access except the login thru ssh2 or from a java applet (which probably is using port 22 also)

Do ports have to connect to the same port on the remote computer? Is it not possible to leave port 80 and connect to port 22?

Maybe I'll have to just setup the computer at home...

[bad_brain]

well, you seem to misunderstand it a little, when you connect to a shell by SSH it's NOT like your computer uses port 22 to connect to port 22 on the server. the port your computer uses is pretty random (it`s above 1024, because all ports up to 1024 are assigned ones), only on servers the ports are fixed ones....so this time it can be your computer opens port 3456 for the connection and next time 4958 for example. most likely the whole protocols are blocked (telnet, icmp and ssh in your case), maybe only the incoming answers by using source port matches in the firewall (this could be evaded by changing the port on the server), but I think it's the first case. so there's not much you can do about it...

[DNR]

I had been giving this some thought, as a security sysadmin, and B_B is right, I'd just stop or block protocols.

As a SSA (security sys admin), one might set up different servers for different protocols, SMTP/POP/IMAP could be on one, HTTP could be another, and certainly the DB/company file storage on another. The best servers to break into were the ones that the sysadmin loaded too many services onto. Sysadmins get nervous about patching, because of the possiblity of conflicts with other software/processes. Novell was a big pain in the ass in this regard. You also had to install various patches in a certain order, les it fux everything up, and you have to reformat/install again. Therefore, a multiservice server may not have everything patched.

When scanning a server, and you do not see an expected open port/service daemon, scan the IP range to look for this server farm.

How can you access another port with another port service, like http>SSH? Well, the appz can, you can see that you -can- access other ports via http, thats how you check email or download stupf without the tedious process of logging into SMTP port 25 or IMAP 110 to grep your email. Is there a program to access port ssh using port 80? Your search engine might tell..

DNR

[d10b]

Is there a program to access port ssh using port 80? Your search engine might tell..
DNR

What about your search engine? ~

Jus' teasing... I've been looking for 3 days now. Learning some knick-knacks on the way but still no success. Thanks for the posts.