question re security risk with SSH tunnelling

View: New views

1 Messages — Rating Filter: Alert me

question re security risk with SSH tunnelling

by GregHauptmann :: Rate this Message:

Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message

Hi,

If an SSH tunnel is created and used to allow say HTTP browser traffic to occur from client to server, what security risks (if any) are introduced by this tunnel? e.g.

- ability for other rogue apps on the client to use the tunnel to get to the server?
- ability for other rogue apps on the server (with the web app) to use the tunnel to attach the client?
- does the tunnel effectively "join" the networks?

Assume for example use of Putty to SSH to the server, but with a tunnel specified to forward local say port 7777 traffic to the server host xxxx on port yy.

Tks