Skip to content

Raw Protocol Proxying Risks

A raw TCP proxy sits between client and server. It effectively becomes a man-in-the-middle: host-key/certificate pinning breaks, credentials and session data pass through the proxy, and long-patched relay exploits reopen — so you lose the very security RDP/SSH are meant to provide.

See the sshamble project for examples of attacks that exploit this approach.