Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Suggestion for a meeting topic

On Thursday, May 04, 2000 4:51 PM, Mike Bilow 
[SMTP:mikebw at] wrote:
> This is too trivial for a meeting.  You start sshd on the home
> machine,  using a high-number port, specified with the "-p" 
switch.  That
> would allow you to log in from work by specifying the correct 
> with the "-p" switch on the ssh client.  When you start the 
client, you
> can also ask it to map some local port through the ssh tunnel 
with the
> "-L" switch.  Then you point your mail client at that port on
> your local machine.  This can be more involved in general, not 
for POP.
> A possibly simply solution is to run SSLproxy on the machine
> where the POP server lives, and then to use a mail client 
which support
> SSLPOP.  This should work if the SSLPOP port (995?) is not 
> If the firewall is very restrictive, you will need something
> more than ssh, such as httptunnel.
> -- Mike


I'm sorry:  I didn't define the issue clearly enough.  Let's 
start again.

1.  I CANNOT change my work machine.  I can't add software to 
it.  I can't use Linux.   It's a W95 box, with Netscape, Lotus 
Notes (the ONLY authorized email client in the organization), 
and Office 97.

2.  The firewall chokes everything but http, and ALL of that is 
monitored and logged.

3.  The task is to make the Netscape browser on my work PC, in 
secure mode, act as a virtual terminal on my home PC.

  A.  I want to start the browser, access my own URL through the 
firewall, see the little padlock close, and then use that pipe 
to go where I really want - for example,

     1. A help wanted ad from a competitor
     2. The popmail server on

  B.  I need all caches cleared when I log off.

As anyone who has seen the dreaded "Netscape does not trust the 
certificate issued by..." message will attest, creating a secure 
connection using a browser is not easy, and I'm sure the topic 
of how to keep the thought police out of your data stream is 
worth at LEAST an entire meeting:  aside from the technical 
issue (which is tough enough) perhaps we could get someone to 
talk about the current legal status of corporate email, the 
implications of using a company's computer to access the net, 


> On 2000-05-04 at 09:27 -0400, Bill Horne wrote:
> > I just thought of a meeting topic:  I'd like to know how to
> > use
> > SSH (or anything else) to get past my boss' firewall/caching
> >
> > proxy and allow me to collect pop mail, etc.  Currently, all
> >
> > calls to port 110 are trapped.
> >
> > How about a meeting on how to set up a virtual terminal
> > server,
> > that will allow Secure Socket Layer connections to a home
> > machine from any browser?
> -
> Subcription/unsubscription/info requests: send e-mail with
> "subscribe", "unsubscribe", or "info" on the first line of the
> message body to discuss-request at (Subject line is
> ignored).

Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at (Subject line is ignored).

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /