Hacker News new | past | comments | ask | show | jobs | submit login

Outgoing SSH is blocked at my company, even to non-SSH ports. Even to virtual machines I had already setup in Azure before the block.

Sure, guys. Of all things to block, let's block the most secure one. That'll really improve our security posture.

At this point, I'm continually surprised they haven't superglued the USB ports.




You can switch SSH to port 80 or 443, right?


You can switch it to any port you want. Problem is that it's super easy to spot on security monitoring tools. I deal with "SSH not on port 22" alerts at least once a month.

It's possible to get around this by tunneling SSH over other protocols: http://dag.wiee.rs/howto/ssh-http-tunneling/. Bear in mind if you do this in a corporate environment, security will throw the largest book they can find at you.


Well, I could if I wasn't trying to host a web site on that particular server. ;-)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: