begin quoting MattyJ as of Thu, Aug 21, 2008 at 01:31:08PM -0700: > <quote who="SJS"> > > SSH over HTTP is an interesting concept, but the underlying premise > > I have a problem with... > > > > WHY did the network security folks (or whoever arranged things so that > > you'd be behind a firewall) nail down the firewall like that? What are > > the security threats that they are concerned with, and are your actions > > in subverting it in violation of the TOS/regulations/rules/contract? > > It might be a business reason rather than security. Maybe an employer > doesn't want their employees ssh'ing into their home computers to read > personal E-mail, etc. If there is no direct business need for it then why > leave have the port open?
Indeed. And it's their network, their bandwidth, it ought to be their choice -- when YOU are the one paying for the connection, presumably it should be your choice. Although, if the network is locked down that tight, I'd expect them to shut off port 80 as well.... (It's a public network that's actually the concern, however, which brings the lock-down-all-but-port-80 under considerable criticism.) > I'm using webmail right now because of this very reason. SMTP and IMAP > ports are not open and I'd be hard pressed to convince my security folk > that they should be. Outgoing SMTP, yah, if you've been burned by one of your machines joining a botnet. IMAP, or rather, IMAPS, ought to fly with the security folk, expecially if there's a local SMTP server you could use for outgoing mail. -- Very few people do things for no reason. Bad reasons, yes, but not no reason. Stewart Stremler -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
