• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

SSH Tunneling - Can it be used to surf the web/intra-web from 'inside' another network?

statik213

Golden Member
I live off-campus and It's a pain in the neck using campus resources sometimes, is it possible for me to SSH into a computer (the mail/web server) that's inside the campus network and use SSH tunneling to surf the web?
I have a basic understanding of SSH tunneling, so some step-by-step instructions (incl. how to configure the browser - Firefox/IE anything ) would be greatly appreciated.
 
I doubt anyone here would want to give you a step-by-step on how to get around network security, but I will say that I use ssh tunneling at work (I'm on the network security team, so I could add rules for myself but ssh tunneling is simpler for me) and it's a little scarey how well it works and there's lots of articles on breaking firewalls with openssh out there, if you feed google the right terms...
 
Originally posted by: Nothinman
I doubt anyone here would want to give you a step-by-step on how to get around network security, but I will say that I use ssh tunneling at work (I'm on the network security team, so I could add rules for myself but ssh tunneling is simpler for me) and it's a little scarey how well it works and there's lots of articles on breaking firewalls with openssh out there, if you feed google the right terms...

But how is this a security threat? Wouldn't you need valid credentials on a machine on the inside of the network to do this? If such credentials were compromised, wouldn't you have bigger problems to be worried about?

But, you are saying that this is entirely possible, right? That I can surf the web as if I were a user on the inside of the campus network.
 
If you don't want to post step-by-step instructions on the forum, you can PM me with 'em 😀😀😀😀😀😀😀😀😀😀😀😀😀😀😀😀😀😀😀😀😀😀
 
Generally I'm speaking about being on the inside of the network and tunneling out, most people aren't in the same situation as you =)

It's a security threat in that you can use it to get around just about any security infrastructure and access things you're not supposed to. For instance, you could set up SSH to forward to a remote proxy and bypass all web filtering or do something stupid like chat on AIM all day at work. Or you could even do something really bad like tunnel something like FTP through the SSH connection and upload corporate documents to a remote server without being monitored by the local IDS.

And I thought my hints in the first post were obvious enough...
 
Originally posted by: Nothinman
Generally I'm speaking about being on the inside of the network and tunneling out, most people aren't in the same situation as you =)

It's a security threat in that you can use it to get around just about any security infrastructure and access things you're not supposed to. For instance, you could set up SSH to forward to a remote proxy and bypass all web filtering or do something stupid like chat on AIM all day at work. Or you could even do something really bad like tunnel something like FTP through the SSH connection and upload corporate documents to a remote server without being monitored by the local IDS.

And I thought my hints in the first post were obvious enough...

They were.
 
Originally posted by: PorBleemo
If you are outside of the dorms the easiest way is to get your own internet connection.

:frown: aaaaarghh......
I do have my own verizon dsl connection (or how else would I tunnel in?) and the problem isn't getting online, the problem is gaining access to sites (like research databases) that are restricted to on-campus IPs..... if i can setup my tunneling stuff to work properly, it would seem like the connection is originating from inside the campus and things ought to work well....
 
Originally posted by: spidey07
How about calling the university?

If they support remote access then they'll tell you how to do it.

Well, I can use a dial-up connection but it's sh!t slow. They have off-campus access to some of these databases but it's a pain to keep authenticating yourself because the thing has a very short timeout.
 
Back
Top