Great Circle Associates Firewalls
(February 1998) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: SSL Proxies revisited
From: Rahul Dhesi <dhesi @ rahul . net>
Date: Sun, 8 Feb 1998 02:23:58 -0800
To: firewalls @ GreatCircle . COM
Newsgroups: a2i.lists.firewalls
References: <firewalls . 199802080647 . BAA02901 @ homeport . org> 
Adam Shostack <adam @
 homeport .
 org> writes:

>I think what Joe is saying is 'Adam tunnelled his SSH
>connections over my SSL proxy, and I want to know if I can make that
>sort of thing harder.'
>...Is there an SSL proxy that
>looks beyond the CONNECT strong to the first few messages sent back
>and forth to ensure they look like client-hello, server-hello, etc?

I still wonder:  What does this achieve?  What sorts of bad things can
you do with ssh what you cannot, with some imagination, do with http
over SSL?
-- 
Rahul Dhesi <dhesi @
 spams .
 r .
 us .
 com>
Follow-Ups:
Indexed By Date Previous: Re: Availability of foreign language based Firewall solutions
From: mht @ clark . net
Next: Re: SSL Proxies revisited
From: Adam Shostack <adam @ homeport . org>
Indexed By Thread Previous: Re: SSL Proxies revisited
From: Adam Shostack <adam @ homeport . org>
Next: Re: SSL Proxies revisited
From: Adam Shostack <adam @ homeport . org>
Google
 
Search Internet Search www.greatcircle.com