32
olback
7y

So our IT-department decided it was a good idea to block all outgoing ports at my school. Resulted in no internet for a day. Then they fixed that and the mail part but I still can't connect to any of my servers with SSH :/

Comments
  • 0
    You could try hacking a port forward from 80 to 22?
  • 0
    Setup a UDP tunnel, make it listen on 53 to be really evil, and route all outgoing tcp through it 😛
  • 5
    a school doing that isn't that bad, i've had ssh blocked at work, at a company that only had linux servers.
  • 1
    @ItsNotMyFault
    Yeah what the fuck
  • 2
    @Linux thats pretty much what we said as well. They had outsourced the office IT to cut costs.

    Basically all non devs got locked down windows machines (we got to keep ours fortunately) and the networked blocked all outgoing traffic that managers etc didn't need.

    We spent a few days using our phones 4g to be able to work properly.
  • 3
    A few years ago I worked in a big corporation (one of the biggest in the world) and everything was blocked by default. Ports, usb ports etc. Everything. You had to apply for an exception. Separate exception for everything. And it was valid for specified time, max. 1 year. In some cases max time was shorter. And you had to remember to renew it because there were no notifications about expiration date. Bureaucracy + security mix is the killer of productive work
  • 0
    @ItsNotMyFault i do this (almost) every day at the office! :-D
  • 1
    Why not setup VPN to your server network.
  • 1
    Download tor, tell putty or what ssh client your using to use an http proxy through tor
  • 1
    @2Fdev2Ftcsh Tried that, no success :(
  • 1
    Dont know how strict the filtering is, but what I did when my school did that was change my servers' ssh port to 21, worked like a charm. Try to check out ports that your it dept would most likely want to use and try them out.
  • 0
    @eybro smarter firewall do deep packet inspection and check the protocol. In some companies you have installed their own 3rd party root certificate so they can MITM any traffic. That's not so simple if security is done properly.
  • 1
    @nbamaral If they're doing it properly they'll block or proxy port 53 too.
  • 0
    @d4ng3r0u5
    Ahahah yes, I'd block it, but many don't. I remember older Skype using something similar to create nodes (when it was all p2p).
Add Comment