Jetico and FreeSSHd

Discussion in 'other firewalls' started by JeromeC, Jun 26, 2006.

Thread Status:
Not open for further replies.
  1. JeromeC

    JeromeC Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    26
    Location:
    Paris, France
    I understand your scratching problem :D

    It is not the SSH server that "uses" the proxy, it is:

    1. the user on the outside machine, who first needs to connect to the SSH server on the firewalled machine

    2. by doing that he creates a tunnel from a port on his outside machine to the proxy port on the server machine (PuTTY allows that when creating a connection to the SSH server)

    3. once this is done, the user (me!) can surf the net from the outside machine using the proxy port defined in the tunnel (so getting the web pages through my home machine), avoiding the evil corporate proxy and surfing through a highly encrypted and secure tunnel. I'm writing these lines that way right now.

    4. I also use the tunnel for other purposes: chat client connections to their servers, SFTP, VNC connections, etc.

    So the whole point is to protect the home server machine with a firewall (I don't have a router or any hardware for that), and ensure access to the SSH server. Then after that, of course, the proxy server must be accessible too.
     
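    A defender-side check that follows from this setup, added here as an example and not part of the thread: on the home machine only the SSH port (443 in JeromeC's case) should be bound to all interfaces, while the proxy the tunnel forwards to, VNC and anything else should be bound to loopback or the LAN address so they are reachable only through the tunnel. The proxy port 3128 and the netstat-style sample output are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the thread): audit which TCP listeners on the home
# machine are reachable from the internet. Only the SSH server (port 443 in
# JeromeC's setup) should be bound to 0.0.0.0; the web proxy the tunnel forwards
# to (3128 is an assumed placeholder) and everything else should be bound to
# loopback or the LAN address only.

SSH_PORT=443

# audit_listeners: reads "netstat -an"-style lines on stdin and prints one
# verdict per LISTENING TCP socket. Returns 0 if only the SSH port is bound to
# all interfaces, 1 if any other service is exposed.
audit_listeners() {
    awk -v ssh_port="$SSH_PORT" '
        $1 == "TCP" && $4 == "LISTENING" {
            n = split($2, a, ":"); ip = a[1]; port = a[n]
            if (ip == "0.0.0.0") {
                if (port == ssh_port) print "ok       " $2 " (SSH, intended)"
                else { print "EXPOSED  " $2 " (bound to all interfaces)"; bad = 1 }
            } else {
                print "ok       " $2 " (reachable only via " ip ")"
            }
        }
        END { exit bad ? 1 : 0 }
    '
}

# Constructed sample output, not captured from a real machine: sshd on 443,
# the proxy on the LAN address and loopback, and a VNC server wrongly exposed.
SAMPLE='Proto  Local Address          Foreign Address        State
TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
TCP    192.168.0.1:3128       0.0.0.0:0              LISTENING
TCP    127.0.0.1:3128         0.0.0.0:0              LISTENING
TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING
TCP    192.168.0.1:443        203.0.113.5:48222      ESTABLISHED'

printf '%s\n' "$SAMPLE" | audit_listeners || echo "audit failed: bind the exposed service to loopback/LAN and reach it through the tunnel"
```

    On a live machine, pipe the real `netstat -an` output into `audit_listeners` instead of the sample.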
  2. private

    private Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    7
    JeromeC
    create a table with a rule for PUTTY.EXE: outbound connection on port 23 to remote address,
    and a rule for Secure Telnet connection: outbound connection on port 22 to remote address.
    Put putty in this table,
    or if you wish to have putty in the Web Browser table, create a new rule in the Web Browser table:
    outbound connection, local port in range 22-23, to your remote address and port.
    On your home machine create a rule: incoming connection, local port, from remote address/remote
    port.

    that is all
    enjoy
     
    Last edited: Jul 6, 2006
  3. JeromeC

    JeromeC Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    26
    Location:
    Paris, France
    But the problem was not with PuTTY, which works fine from the outside machine (the office, where I am now; I can even go through the corporate proxy/FW with it), but on my home server machine, with Jetico blocking my SSH server.

    And actually I'm not using 22 but 443 as the SSH port on my home machine, to make it less suspicious for the corporate proxy here :D (we already use 443 for many reasons)
     
  4. private

    private Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    7
    sorry, sshd.exe
    from your log.text, what is blocked is an outgoing packet from local port 22 to remote port 48222 (correct your port), or create a rule in your Web Browser table: Outbound connection, local port 22, to remote address and port 48222 (or any)

     
    Last edited: Jul 6, 2006
  5. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    He already had sshd.exe as "trusted" (allow all).

    JeromeC,
    As I mentioned, the proxy is using 192.168.0.1, so you cannot connect in to your IP and then expect a reply via the proxy (or, by the look of your log, connect in through the proxy and expect a reply from your IP). This is basically ICS. You are attempting to cross interfaces, your IP to the proxy IP (or the proxy IP to your IP).
    This is where you would need to disable the SPI and place the proxy IP into the trusted zone, so you can cross interfaces.
     
  6. JeromeC

    JeromeC Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    26
    Location:
    Paris, France
    1. yes, it was 22 at the time of the log (testing copssh as shown in that log), it was 443 when I was using freesshd (before Jetico would block it), and now it's 443 again (using copssh successfully now instead of freesshd (*)), sorry for the confusion

    2. the problem was that I couldn't even connect to SSH, be it freesshd or copssh, since its port was not visible from outside (using PuTTY). Getting to the proxy was not even in my test...

    3. when SSH could work (i.e. with Jetico switched on before it started to block it, or before that with Kerio, or now with Kerio again) I never had to care about proxy configuration / firewall configuration for the proxy / port and IP used by the proxy ==> it would always work fine.


    (*) I changed from freesshd to copssh because I had some other problems with freesshd that are now solved using copssh.
     
  7. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi JeromeC,
    When you were running Jetico with freesshd, did you check the logs within freesshd AND the proxy? As I am starting to think that when you successfully ran Jetico/freesshd, you may have been bypassing the proxy.
     
  8. private

    private Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    7
    JeromeC
    Or if you wish a simpler way:
    download Olap.rule from the thread "Jetico for everyone", post #40, apply this rule
    with Jetico, start all your applications and accept with the "FullAccess" rule, then
    connect to the net. And fly!

    for a safer connection:
    go to Jetico's "Application log screen" and copy the text from all applications that worked and save it.
    go to Jetico's "FullAccess" table and create the same rule for these applications from the saved "copy.txt" file.
    It is so simple, Jetico does it all by itself, enough to understand in what way!
    (there is so much confusion here: virus, ICS IP to UDP/TCP SPI...)

    there is only a problem with your port/IP configuration!
    I use the same configuration as you and it works!

    enjoy...
     
    Last edited: Jul 6, 2006
  9. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    If indeed you do have the same configuration (proxy at 192.168.0.1) you would not be able to use this with the SPI active. I have tested this a number of times.
    There was a link posted showing a copy of a mail (from Jetico) concerning Jetico and ICS. (the same settings would need to be in effect for a proxy that uses this IP).
    Read and Learn:-
    Originally posted here
     
  10. olap

    olap Registered Member

    Joined:
    May 20, 2006
    Posts:
    95
    Last edited: Jul 7, 2006
  11. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    olap,..

    The link is to a blog showing only very basic information for Jetico, and is unrelated to ICS and/or the thread poster's problem,... and is not written by "Sergey Frolov".

    Why do you continue to attempt to hijack threads with information unrelated to the thread topic/poster's problems? If you know so much about Jetico/firewalls, why not help users, rather than just posting sad attempts to promote your own ruleset. o_O
     
  12. JeromeC

    JeromeC Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    26
    Location:
    Paris, France
    Hi Stem,

    Thank you for all the time you spent and the information you provided.

    I'll keep it in a very safe place because I think I may try again in the future to use Jetico - I tested my Kerio against several leak tests and the score is not tremendous... but I'm quite stealthy from a TCP/IP point of view.

    The main defects of the current version are, IMHO:

    - it cannot be set "naturally" as a Windows service (but that can probably be achieved by third party tools, or with better knowledge ;) )
    - for that same reason it is "user session parameters" oriented, which obliges you to copy the config between users, and it's a pain (I know that not everybody uses several users, but on a family machine it's a requirement)

    Thx
    J.
     
  13. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
  14. JeromeC

    JeromeC Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    26
    Location:
    Paris, France
    Well I may try this after my holidays in August.

    I had heard of it, but my first urgency was to have something working again to protect my machine quickly, hence the Kerio solution.

    But I'll most probably give Comodo a try.
     
  15. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    There is a forum for Comodo, but you can always post here if you need help with config. It is quite easy to use, once pointed in the right direction.
     