[Cialug] Question about ssh over ssl and clever firewalls.

Don Cady cialug@cialug.org
Fri, 21 Jan 2005 00:19:42 -0600


I'll throw my hat in the yes ring, but add that most firewalls probably 
don't have such a rule included with them. A rule or script would need to be 
written, and using it might impair some of their legitimate traffic. I 
can't imagine it's very common. (please go ahead and prove me wrong)

Don

>I wrote up a small analysis of ssh and ssl traffic using tethereal dumps 
>and have put it up on my Web server at:
>
> http://www.kristau.net/ssl-ssh_question.txt
-Question: Could a clever firewall track the connection through SYN, SYN-ACK
-and ACK, and then determine whether or not to kill the connection based on
-the presence or absence of SSL handshaking?
>
> I posted it to my own Web server so as not to flood the list with the 
> tethereal dumps which will inevitably make it into any replies.
>
> thanks,
> kristau