All posts for the month July, 2015

SSH’s TCP forwarding feature allows users to tunnel arbitrary TCP connections over an encrypted SSH connection, which in turn can allow them to make connections to internal hosts from outside your network — connections which can be hard to detect as SSH traffic is encrypted. So, is it possible to infer what an SSH connection is being used for when you don’t have access to the unencrypted data?

Continue Reading