Darren, et al -- ...and then darren chamberlain said... % % * Shawn McMahon <[EMAIL PROTECTED]> [2002-04-29 15:43]: % > begin darren chamberlain quotation: % > > * Marco Fioretti <[EMAIL PROTECTED]> [2002-04-29 13:52]: % > > > Last but not least: what was that JAVA applet called anyway? % > > % > > I think you're looking for MindTerm, which google tells me is at % > > <http://www.appgate.com/ag.asp?template=products&level1=product_mindterm>. % > % > However, FYI, a Java telnet isn't going to do what Marco wants. % % yeah, but that's what he asked for. ;)
It is? He specifically said that he is limited to a web browser to get through the firewall. % % > If his company only lets http through the firewall, then running a Java % > telnet on his home system will give him a nice Java applet running on % > his side of the firewall, no more able to connect to his home system % > than a telnet written in any other language. % % True. I think what he meant was some sort of java app that can run on % the server side (i.e., behind the firewall) and connect out to his I'm getting confused between server side and other side, but it seemed pretty clear that he needs to - sit at a client with a web browser - get through the firewall looking like web traffic - log in on his box at home for interactive shell processing no? % machine on the other side, since outgoing traffic is usually less % restricted than incoming traffic. What he *really* wants here is % something to kick off a port-forwarding ssh on the internal side that % will allow him to log into a box behind the firewall. Hmmm... That still sounds inside-out. % % > Sounds like he needs some kind of http-based proxy, unless the firewall % > is dumb enough to let non-http things through port 80, in which case I'd % > recommend ssh. % % If the company lets through port 80, they probably also let through port % 443; run an sshd on port 443 (all encrypted traffic looks the same, but % encrypted traffic going through port 80 will look suspicious -- assuming % someone is looking at the streams going through the firewall), and % you've got yourself an instant hole in the firewall. Hey, now that's not a bad idea, and it would certainly last him until he needed ssl support. % % This is one of the principle reasons why firewalls are ineffective, BTW. Yeah. Generally better than unplugging the wire, though :-) % % (darren) % % -- % Freedom is an all-or-nothing proposition: either we are completely % free, or we are subjects of a tyrannical system. If we lose one % freedom in a thousand, we become completely subjugated. :-D -- David T-G * It's easier to fight for one's principles (play) [EMAIL PROTECTED] * than to live up to them. -- fortune cookie (work) [EMAIL PROTECTED] http://www.justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg!
msg27736/pgp00000.pgp
Description: PGP signature
