[CentOS] freenx

Tue Jan 24 23:57:11 UTC 2006
Maciej Żenczykowski <maze at cela.pl>

> Hmm - we're through the firewall! and we can connect to ANY port that the 
> server is allowed to connect to (both on the server and in the local 
> network).  We can use this to connect to the SMTP port and send mail as if 
> from localhost - in effect we've an open relay.

Note: I know this can be turned off in the sshd_config file for all users - 
but that limits usability of the ssh server.  Normal users should normally 
be allowed to do port-forwarding (they can do it anyway if they have shell 
access).

Note also that the authorized_keys file can contain appropriate keywords
(no-port-forwarding, no-X11-forwarding, no-agent-forwarding)
(see man sshd_config) to make the above fail, but is your server 
configured properly?

Cheers,
MaZe.
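
One way to answer the closing question for a given file, as an added example that is not part of the original post: a Python audit that parses each authorized_keys entry, including quoted command="..." values, and reports which of the three options named above are absent. Treating `restrict` as covering all three reflects OpenSSH releases newer than this post; the sample file, its key blobs and its command paths are constructed placeholders.

```python
# Options named in the post; compared lower-case.
REQUIRED = ("no-port-forwarding", "no-x11-forwarding", "no-agent-forwarding")
KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")  # start of a key-type field

def split_unquoted(text, seps, maxsplit=-1):
    """Split on any char in seps, ignoring separators inside "quoted" values."""
    parts, cur, in_q, i = [], [], False, 0
    while i < len(text):
        c = text[i]
        if in_q and c == "\\" and text[i + 1:i + 2] == '"':
            cur.append('\\"')      # escaped quote inside command="..."
            i += 2
            continue
        if c == '"':
            in_q = not in_q
        if c in seps and not in_q and (maxsplit < 0 or len(parts) < maxsplit):
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(c)
        i += 1
    parts.append("".join(cur))
    return parts

def missing_restrictions(line):
    """Return the forwarding restrictions an authorized_keys entry lacks."""
    first = split_unquoted(line.strip(), " \t", maxsplit=1)[0]
    opts = set()
    if not first.startswith(KEY_PREFIXES):   # entry begins with an options field
        opts = {o.split("=", 1)[0].lower() for o in split_unquoted(first, ",")}
    # Conservative: an explicit re-enable (e.g. "port-forwarding") counts as missing.
    return [r for r in REQUIRED
            if (r not in opts and "restrict" not in opts) or r[3:] in opts]

def audit(text):
    """Map line number -> missing restrictions, for entries that lack any."""
    return {n: m for n, raw in enumerate(text.splitlines(), 1)
            if raw.strip() and not raw.lstrip().startswith("#")
            and (m := missing_restrictions(raw))}

SAMPLE = r"""# authorized_keys (constructed sample; key blobs and paths are placeholders)
ssh-rsa AAAAPLACEHOLDER user@host
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/usr/local/bin/example-wrapper" ssh-dss AAAAPLACEHOLDER nx@server
command="echo \"a, b\"",no-port-forwarding ssh-rsa AAAAPLACEHOLDER backup
restrict,command="/bin/true" ssh-ed25519 AAAAPLACEHOLDER ci
"""

if __name__ == "__main__":
    for lineno, missing in audit(SAMPLE).items():
        print(f"line {lineno}: missing {', '.join(missing)}")
```

An entry that appears in the report still allows at least one kind of forwarding for whoever holds that key, regardless of any command="..." wrapper on the same line.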