On Mon, Dec 15, 2003 at 02:56:06PM -0800, Nunya wrote: | As I think about getting a job, I realize wherever next will probably | block outgoing traffic on most ports. | | I always thought I could have ssh listen on some port which gets through | like FTP port or HTTP port to bypass all those restrictions. | | Two obvious, unavoidable problems will be: my employer probably won't | want me wasting bandwidth and opening a security hole. | | (1) Will it work and
Yes. I use port 23 now because 22 is forwarded to my roommate's
machine.
| (2) is it opening a security hole?
Define "security hole". :-). Well, you're bypassing the restrictions
in place, so the admins responsible for the corporate network may not
appreciate it. Using ssh-tunneling you can create arbitrary TCP
connections between your home network and the network your work
machine is on. It's a way through the defenses, much like getting a
pass from the general will let you walk past the scouts at the border
of camp. I do stuff like that all the time here, in part so I can
print and display stuff back and forth (either way, work->home or
home->work). However, my employer doesn't mind. I use tunnelling
just to bypass the technical limits of a single IP address and NAT.
| What are the workarounds? I guess I could live in a Ricochet city and
| use my own laptop not plugged into the company .net.
|
| Does anybody have any thoughts?
You have to check with your (potential) employer(s) and find out what
they do and do not allow.
-D
--
If your company is not involved in something called "ISO 9000" you
probably have no idea what it is. If your company _is_ involved in ISO
9000 then you definitely have no idea what it is.
(Scott Adams - The Dilbert principle)
www: http://dman13.dyndns.org/~dman/ jabber: [EMAIL PROTECTED]
pgp00000.pgp
Description: PGP signature
