Bypassing the firewall at work

I couldn’t get back to my home router, not my linux box, not my web page control panel ever since I have changed my job. Because of the very strict firewall policys, I can only use standard ports i.e. http port 80, https port 443 and ftp port 21. Other than those 3 opened ports, I couldn’t do anything else! I couldn’t telnet to my router (port 23), couldn’t ssh to my linux box (port 22) and couldn’t get to my web portal (port 8080).
I don’t understand why they block the ssh port. SSH is a secure protocol and i don’t see how it can harm the company’s network. Anyways, I am trying to find a way out of this when I am at work, at lease I can get back to my Home CCIE Lab for some Lab work. Since Port 443 is working, what I did is to create a Port forward on my home router. I forwarded port 443 to port 22 on one of my Linux boxes. Today I got back to the office and immedately start up putty to see if i can ssh to my linux box via the port 443. And yes, it worked! The next thing I tried was to build a SSH tunnel to use with other protocol using putty. Well, all working fine as what I expected. And I can do a lot of thing now including using a remote CCIE lab at home!


2 responses to “Bypassing the firewall at work

  1. Interesting… How did you do that without risking immediate termination of contract by your emplyer?

    We do have a similar setup at work (with the only port open being 8080, connecting to our proxy, which does forced authentication) and if I tried something like that, I’d be out on the streets unemployed within hours. [We are doing IT-Services for a whole bunch of banks, so our safty departement does monitor things pretty heavily, meaning you are practically guaranteed to be found out at once, and we do have very strict safety policies…]

    Greetings from Germany

  2. Hi,
    I am working in a Networking Feild. I don’t think that will risk my employment with the company. If they caught me doing tunnelling over SSL (HTTPS port 443), I will tell them it is a security hole in their firewall. Most of the firewalls are unable to tell what I am doing on the port 443, as they only see that as a normal SSL (HTTPS) traffic. I know some firewalls do packet inspection which may able to pick up I am running SSH tunnel over SSL. However, there is nothing in my employment contract saying that I can’t use Telnet or SSH, they simiply blocked those ports. As I know this is a common firewall get throught method, the security team should consider this when they setup security rules.

Leave a Reply

Your email address will not be published. Required fields are marked *

What is 8 + 14 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)