
What security implications are there for allowing outbound SSH traffic?

Çağlar Arlı


My school currently blocks outbound SSH traffic. Users inside the network cannot use Port 22, and attempting to make an SSH connection over another port is also blocked. (I'm assuming the firewall drops any packets that seem to use the SSH protocol.)

The excuse given for this is that allowing outbound SSH traffic would put users inside the network at risk, and that it would allow "port forwarding". (Their words, not mine.) Translated, I think the administrators are worried that a virus on a user's computer might try to use SSH to contact Command and Control servers. I think they also want to keep the port closed because it could be used for proxy connections, Tor, and the like.

To my knowledge, most of the present-day "active" viruses aren't using SSH for C&C. Also, a proxy could be established over any port, could it not? Such as 80, which is of course already open for regular internet browsing?

I understand that there are implications of inbound SSH connections, but I don't see how not allowing students to make outbound connections really improves security all that much. For one, it prevents me from using GitHub and Heroku, which I need for my outside job.

Could someone please respond with either more, better reasons why outbound SSH should be blocked or (preferably) with reasons why this network policy is irrational?
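
The question assumes the firewall recognizes SSH by protocol rather than by port. As an added illustration (not part of the original post, and not a description of the school's actual firewall), this Python example shows how a filter can recognize SSH on any port from the identification string defined in RFC 4253 section 4.2. The function names, the `MAX_LINES` bound and the sample flows are constructed for the example.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF",
# at most 255 bytes including CR LF. softwareversion is printable US-ASCII
# without whitespace or '-'. A server may send other lines before this one.
IDENT_RE = re.compile(rb"SSH-(\d+\.\d+)-([\x21-\x2c\x2e-\x7e]+)(?: [^\r\n]*)?")
MAX_IDENT_LEN = 255
MAX_LINES = 16  # assumption: how many leading lines the filter inspects


def parse_ssh_ident(first_bytes):
    """Return (protoversion, softwareversion) if the stream opens as SSH."""
    # Only complete lines count; the piece after the last LF may be partial.
    complete = first_bytes.split(b"\n")[:-1]
    for raw in complete[:MAX_LINES]:
        line = raw.rstrip(b"\r")
        if not line.startswith(b"SSH-"):
            continue  # banner text before the identification string
        match = IDENT_RE.fullmatch(line)
        if match and len(raw) + 1 <= MAX_IDENT_LEN:
            return match.group(1).decode(), match.group(2).decode()
        return None  # starts like SSH but is malformed or oversized
    return None


def ssh_flows(flows):
    """Return (dst_port, protoversion, softwareversion) for SSH flows."""
    hits = []
    for dst_port, payload in flows:
        ident = parse_ssh_ident(payload)
        if ident:
            hits.append((dst_port, *ident))
    return hits


# Constructed sample: destination port and first bytes sent by the client.
SAMPLE_FLOWS = [
    (22, b"SSH-2.0-OpenSSH_9.6\r\n\x00\x00\x05\xdc"),
    (443, b"SSH-2.0-libssh2_1.11.0 test\r\n"),
    (443, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),
    (80, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
]

if __name__ == "__main__":
    for hit in ssh_flows(SAMPLE_FLOWS):
        print("SSH on port %d: protocol %s, software %s" % hit)
```

Because the identification string is sent in cleartext before key exchange, a filter that inspects the first bytes of a connection sees the same marker on port 443 as on port 22.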