[108302] in Cypherpunks
Re: your mail - re: logging on through fascist firewalls
daemon@ATHENA.MIT.EDU (Sunder)
Thu Feb 11 14:22:23 1999
Date: Thu, 11 Feb 1999 14:01:15 -0500
From: Sunder <sunder@brainlink.com>
To: mgraffam@idsi.net
CC: cypherpunks@toad.com
Reply-To: Sunder <sunder@brainlink.com>
mgraffam@idsi.net wrote:
> The firewall should let the connection to port 80 through, I'd think..
> unless it actually monitors the traffic on that port to verify that it
> is an http session! ..
So what if it is, you can always make it look like one. i.e.
client opens a session says "GET keypress0x12.html" server responds with:
"Document Type: HTML/TEXT\n
<HTML> <HEAD> <TITLE> code0x12,0x15,0x22 </TITLE></HEAD></HTML>"
Or better yet, send a MIME encoded binary stream, etc...
or somesuch. :) There is source for SSH, just play with it to support this
alternate "web" version. :) Consequently there is another way, but not as
nice:
You could install VNC (Virtual Network Computing -- which is a PC Anywhere
like thing only with clients for everything) on the server and install the
Java Applet to let you in -- but it does no encryption whatsoever!
> If you don't have root on a box so that you can set up a bouncer, I'm
> afraid that it looks like you are hosed.
Depends on whether port 8000 or 8080 is allowed. :) Some sysadmins do know
about those. Also, if the sysadmin of the box you're logging on to allows you
to setup and run a CGI of some sort, that's also a possibility.
All of these methods can work, but you have to be careful to make sure you
don't compromise the security of the system you're planning on logging on to.
If you can login to it, others can also.
