Gerald Combs and I were discussing alternate methods of using ssh over odd ports. Some of the things at the above link apply. Tunneling ssh over http/https were the main points of discussion. Some other interesting stuff I ran across while looking at this:
Google for "web shell" web shell plug in for an OSS CMS http://typo3.org/extensions/repository/reviewed/mw_shell/?tx_extrepmgm_pi1%5... Perl shell http://legacy.gammacenter.com/gamma.py/products/WebShell
Some Java shell https://trinity.aas.duke.edu/mt.html
Brian Kelsay
On Wed, 2004-10-20 at 15:48, Brian Kelsay wrote:
Gerald Combs and I were discussing alternate methods of using ssh over odd ports. Some of the things at the above link apply. Tunneling ssh over http/https were the main points of discussion. Some other interesting stuff I ran across while looking at this:
I take it from the above link that the goal is to make the traffic appear to be legitimate HTTP traffic as opposed to just travelling over port 80?
Jason Clinton wrote:
On Wed, 2004-10-20 at 15:48, Brian Kelsay wrote:
Gerald Combs and I were discussing alternate methods of using ssh over odd ports. Some of the things at the above link apply. Tunneling ssh over http/https were the main points of discussion. Some other interesting stuff I ran across while looking at this:
I take it from the above link that the goal is to make the traffic appear to be legitimate HTTP traffic as opposed to just travelling over port 80?
Yes. More importantly, this allows operation through a proxy server.
Gerald Combs wrote:
Jason Clinton wrote:
On Wed, 2004-10-20 at 15:48, Brian Kelsay wrote:
Gerald Combs and I were discussing alternate methods of using ssh over odd ports. Some of the things at the above link apply. Tunneling ssh over http/https were the main points of discussion. Some other interesting stuff I ran across while looking at this:
I take it from the above link that the goal is to make the traffic appear to be legitimate HTTP traffic as opposed to just travelling over port 80?
Yes. More importantly, this allows operation through a proxy server.
Both of which were a major problem originally. Now Big Brother is watching everything though. So much for learning something. Instead of learning by doing while waiting on a long compile, I have a few hours at home while mentally worn out.
---------------------------------------------- Somewhere there is a village missing an idiot.
Jason Clinton wrote:
I take it from the above link that the goal is to make the traffic appear to be legitimate HTTP traffic as opposed to just travelling over port 80?
Using steganography? There are issues. How about port 443 for https?
-- Dave Hull http://insipid.com
Quoting Brian Kelsay [email protected]:
Gerald Combs and I were discussing alternate methods of using ssh over odd ports. Some of the things at the above link apply. Tunneling ssh over http/https were the main points of discussion.
There are radios that can encrypt their traffic and send it over multiple frequencies/channels (whatever the proper terminology is) in synch. Isn't this called "spread-spectrum?" If you could synchronize your server and client on the same random seed or something at the start of the conversation, perhaps they could pseudo-randomly, but in synch with one another, switch ports during the conversation. You've still got encryption as an added layer.
Make it so. Spread-Spectrum-Secure-Shell. SSSSH.
-- Dave Hull http://insipid.com
Dave Hull wrote:
Quoting Brian Kelsay [email protected]:
Gerald Combs and I were discussing alternate methods of using ssh over odd ports. Some of the things at the above link apply. Tunneling ssh over http/https were the main points of discussion.
There are radios that can encrypt their traffic and send it over multiple frequencies/channels (whatever the proper terminology is) in synch. Isn't this called "spread-spectrum?" If you could synchronize your server and client on the same random seed or something at the start of the conversation, perhaps they could pseudo-randomly, but in synch with one another, switch ports during the conversation. You've still got encryption as an added layer.
Make it so. Spread-Spectrum-Secure-Shell. SSSSH.
Using steganography? There are issues. How about port 443 for https?
Hopping wouldn't help. I think they were looking for odd traffic, maybe just more than is normal, over ports other than 80 that were open. 443 got too much traffic and it tripped something. Went over some imaginary kb limit. That is why we were talking about tunneling ssh over http. I'm not going to do it from there, but I will set something up to try it out from the library or something. http://gray-world.net/projects/wsh/
---------------------------------------------- Somewhere there is a village missing an idiot.
-
Brian Kelsay -
Brian Kelsay -
Dave Hull -
Gerald Combs -
Jason Clinton