Tunneling through a hostile proxy?

[Trei, Peter]

> Roy M. Silvernail[SMTP:roy at scytale.com]
> 
> This may have been discussed before, but a Google search has 
> turned up lacking.
> 
> Given internet access from a private intranet, through an HTTP 
> proxy out of the user's control, is it possible to establish a secure 
> tunnel to an outside server?  I'd expect that ordinary SSL 
> connections will secure user <-> proxy and proxy <-> server 
> separately, with the proxy able to observe cleartext.  Could an SSH 
> connection be made under these conditions?
> 
> Pointers appreciated, thanks.
> --
> Roy M. Silvernail
> Proprietor, scytale.com
> roy at scytale.com
> 
It's been some time since I've worked on proxies, but
AFAIK, SSL connections tunnel through proxies already,
and the proxy cannot examine the content of the SSL
session (though of course, they *can* see where the
connection is headed).

It's easy to check - go to an SSL protected website,
and while viewing the page examine the certificate 
the site presented you with (click on 'security' in the 
toolbar in Netscape, or on IE, click 
Files->Properties->Certificates). If the certificate 
belongs to the site you're accessing, you're secure
from observation by the proxy. (the proxy can't
act as a MITM if the cert is from the far end).

If you wish to access a website which is not SSL
protected, try http://www.megaproxy.com, which 
will encrypt browsing data between itself and your
browser, even for non-SSL sites. All your local
proxy can tell is that you are doing something
at megaproxy (and megaproxy knows everything).

If you're interested in tunneling other protocols
than HTTP, things get more complex. Assuming
SSL tunneling is allowed you can run other
protocols through it if you can set up the software
at each end appropriatly.

Peter Trei