Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] SSH tunneled DNS access & SSH/SSL muxing

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] SSH tunneled DNS access & SSH/SSL muxing


Chronological Thread 
  • From: Peter Green <peter AT greenpete.free>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] SSH tunneled DNS access & SSH/SSL muxing
  • Date: Mon, 12 Nov 2012 17:57:58 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


That's spooky, I was just reading this...

http://it.slashdot.org/story/12/11/12/1237237/meet-the-lawyer-suing-anyone-who-uses-ssl?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Peter


On 12/11/12 17:55, Panesar, Amrit wrote:
> I have come across a theory for universal, direct DNS especially
> for those behind company or country bound firewalls.
>
> I have recently come across SSHTTP
> (https://github.com/stealth/sshttp). This program multiplexes HTTP
> SSL with SSH because of banners, (there is a more in-depth
> explanation on the project page). This would allow an SSH daemon to
> run on the same port as HTTP-SSL, and essentially 'trick' level 7
> content filters that establish a connection to the website to
> ensure it passes content validation, else it resets the connection.
> (eg: http://i.imgur.com/bQuk3.png & http://i.imgur.com/97LWK.png).
> What we are to do is mux a clean SSL site with SSH; thus, when the
> firewall goes to probe the site, it returns a valid site and we
> will also be able to SSH. With the help of your favorite ssh
> client, we can tunnel your DNS packets over SSH on port 443 and be
> able to evade all firewalls that stand in the way thus giving
> everyone access to OpenNIC. We can even take it a step further and
> add a SSH client-helper to a web browser (like chromium/canary) to
> further integrate the experience.
>
> What are you thoughts on this?
>
>
> Also I find this comedic, http://i.imgur.com/BSZgI.png
>
>
> -------- You are a member of the OpenNIC Discuss list. You may
> unsubscribe by emailing
> discuss-unsubscribe AT lists.opennicproject.org
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQEcBAEBAgAGBQJQoTiiAAoJEPBKqeCz72c57RgH/RhcxvVtVwgp3FSdw+k3f1Iz
nd9mfE8YY0RzlVzir/WBPE793BcSvypSIRwc2piFLRLkPNypaGov+ZIKpMBVWz8B
oJcktm0h6M9ZYXDneBgLIhhpOzoq5NLs5n8PmOMgnikVNI/ECnEVWJEd1Ws29KQJ
CtjxDnG12hrc6C/ygHbLrAReOd9D0z8LxM4A7LagKHK3tp9GjYrmCi0/qJdJVdcY
dzgr6sP9ui2/qaicNPaTgaWdi5yZ1sKVVIJR9B9dR5dK9x15idGarjGxvefSRjEM
VunS5UK1nSH6lKEZ/hn6taaU9E3UG7Vzm4pj+O/vc5UYDYINbZy+TIYelQDJVR0=
=y806
-----END PGP SIGNATURE-----



Archive powered by MHonArc 2.6.19.

Top of Page