 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
On Thursday, May 04, 2000 4:51 PM, Mike Bilow
[SMTP:mikebw at colossus.bilow.com] wrote:
> This is too trivial for a meeting. You start sshd on the home
> machine, using a high-number port, specified with the "-p"
switch. That
> would allow you to log in from work by specifying the correct
port
> with the "-p" switch on the ssh client. When you start the
client, you
> can also ask it to map some local port through the ssh tunnel
with the
> "-L" switch. Then you point your mail client at that port on
> your local machine. This can be more involved in general, not
for POP.
>
> A possibly simply solution is to run SSLproxy on the machine
> where the POP server lives, and then to use a mail client
which support
> SSLPOP. This should work if the SSLPOP port (995?) is not
blocked.
>
> If the firewall is very restrictive, you will need something
> more than ssh, such as httptunnel.
>
> -- Mike
Mike,
I'm sorry: I didn't define the issue clearly enough. Let's
start again.
1. I CANNOT change my work machine. I can't add software to
it. I can't use Linux. It's a W95 box, with Netscape, Lotus
Notes (the ONLY authorized email client in the organization),
and Office 97.
2. The firewall chokes everything but http, and ALL of that is
monitored and logged.
3. The task is to make the Netscape browser on my work PC, in
secure mode, act as a virtual terminal on my home PC.
A. I want to start the browser, access my own URL through the
firewall, see the little padlock close, and then use that pipe
to go where I really want - for example,
1. A help wanted ad from a competitor
2. The popmail server on banet.net.
B. I need all caches cleared when I log off.
As anyone who has seen the dreaded "Netscape does not trust the
certificate issued by..." message will attest, creating a secure
connection using a browser is not easy, and I'm sure the topic
of how to keep the thought police out of your data stream is
worth at LEAST an entire meeting: aside from the technical
issue (which is tough enough) perhaps we could get someone to
talk about the current legal status of corporate email, the
implications of using a company's computer to access the net,
etc.
Bill
>
>
> On 2000-05-04 at 09:27 -0400, Bill Horne wrote:
>
> > I just thought of a meeting topic: I'd like to know how to
> > use
> > SSH (or anything else) to get past my boss' firewall/caching
> >
> > proxy and allow me to collect pop mail, etc. Currently, all
> >
> > calls to port 110 are trapped.
> >
> > How about a meeting on how to set up a virtual terminal
> > server,
> > that will allow Secure Socket Layer connections to a home
> > machine from any browser?
>
>
> -
> Subcription/unsubscription/info requests: send e-mail with
> "subscribe", "unsubscribe", or "info" on the first line of the
> message body to discuss-request at blu.org (Subject line is
> ignored).
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
