On Monday 13 March 2006 11:42, anoop aryal wrote: ... > > Again thanks a lot for the suggestion, I'll try this too -- but I > > have a possibly stupid question. What protocol will the gateway of > > my corporate WAN think it is being asked to handle in this case? I > > don't think it will allow any connections going out on VNC > > protocol, regardless of the port number in use. HTTP / HTTPS is > > fine, not a lot else is... > > <austin_powers:dr_evil> > muhahaha... > </austin_powers:dr_evil> > > <simpsons:burns> > HTTPS, eh? excellent. > </simpsons:burns> > > try running ssh on port 443 at home and then try ssh-ing from work. > the nice thing about HTTPS is that it's not a TLS type thing where > you start off unencrypted and then do an encryption handshake. > therefore, there shouldn't be *any* unencrypted data flowing back and > fourth that the firewall can look at. the encrypted exchange is > designed to stop man-in-the-middle. that takes the firewall out of > the picture since it has nothing in the data flow that it can look at > and go, "yes, it is indeed HTTPS". it's just relying on the port > being 443. so any protocol should work as long as the port is 443.
Thanks for the info on TLS, since I didn't know any of that. So basically, any info on port 443 that looks encrypted should get by, right? I didn't realize that and it will make it a lot simpler. The only trouble with ssh is that it requires cygwin, and I need to make this as small a footprint as possible. It seems like almost all cool tools on Windows need cygwin! Hal -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
