[slime-devel] Re: SLIME Committers

Peder O. Klingenberg peder at klingenberg.no
Thu Nov 23 21:19:21 UTC 2006

Luke Gorrie <luke at synap.se> writes:

> Usually you can tunnel ssh out via e.g. a HTTPS proxy and then tunnel
> everything else via ssh. Very few corporate firewalls can contain a
> suitably motivated person! Google knows many tools.

Yes, this is usually possible.  But you lose plausible deniability.
If you're tunnelling ssh over udp dns requests because a corporate
firewall blocks all other attempts at getting out, you can hardly
claim ignorance when They confront you with breach of coporate rules
and/or contract.  That may or may not be a firing offence, depending
on location and employer.

If you have as part of your contract "Thou shalt not ssh to external
machines", in theory don't even need to block port 22 out.

So, while technically possible, it may not be a good idea.

This must be Thursday.  I never could get the hang of Thursdays.

More information about the slime-devel mailing list