Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Use AppleScript and Mail for remote control and file access' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Use AppleScript and Mail for remote control and file access
Authored by: hrbrmstr on May 03, '06 08:31:21AM
If yours is like most companies, it provides access to at least *some* outbound ports directly (not via proxy). It might be easier, and would definitely be more secure to run an sshd server on another port.

The file /etc/sshd_config has a line near the top commented out (it's the default) that should read #Port 22. You can sudo vi /etc/sshd_config, remove the "#", change the port to something that you know can be reached through your firewalls and either "HUP sshd" or go to System Preferences->Sharing and disable/re-enable "Remote login".

You may need to modify your own firewall (hardware or Mac OS X) to make this work completely, but it will probably give you the kind of access you really want vs. AppleScript/Mail commands.

(one last thing...if you open up ssh to the whole world and don't limit logins to certificates only, you're just asking to be hacked)

---
Mind the gap...

[ Reply to This | # ]

try port 443
Authored by: mzs on May 03, '06 10:48:55AM

That is the https port. If you are not running an HTTPS server on your mac and it is a simple proxy/firewall at work, that should get you through to your mac at home. If work has a layer-7 firewall or your run an HTTPS server try tunneling ssh over https. Here is a decent explanation:

http://dag.wieers.com/howto/ssh-http-tunneling/

Understand that there is probably a reason your boss or your boss' boss put in the firewall, and doing any of this could put you in violation of the computer user policy at your work.



[ Reply to This | # ]
How?
Authored by: germ on May 03, '06 12:43:45PM

Do you know how to find out which ports are open?



[ Reply to This | # ]
How?
Authored by: hrbrmstr on May 04, '06 08:06:26AM

Well, there are a few port scanners out there for all OSes that would give you an idea, but if your employer has IDS systems in place, you might get a huge slap on the wrist (or worse) for using them.

One of the easiest ways is to run a web server on alternate ports and try to access then via your browser. Try running one on, say, 4155 (arbitrary number, but it won't be WCCPd - if your place does route vectoring - and will not - by default - go through a proxy - unless your systems are SOCKSified.

You could use netcat - http://netcat.sourceforge.net/ - to open up listening ports as well.

As the previous post stated, however, port 443 is probably a really good choice since it almost has to be allowed (but could be proxied, not just firewalled).

---
Mind the gap...



[ Reply to This | # ]