Security Basics mailing list archives

Re: Avoiding tunnels

From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 28 Feb 2006 20:29:22 +0100

On 2006-02-28 Javier Hijas wrote:

  I wonder if there is a way to avoid tunnels via fw (v.g. netfilter).
How can I control that an opened port 80 is not used to tunel to a ssh
server listening at port 80?


You need to filter on layer 7 instead of layer 3/4, e.g. by proxying the
traffic.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

Re: Avoiding tunnels Neil (Mar 01)
- RE: Avoiding tunnels David Gillett (Mar 02)
  - Re: Avoiding tunnels Neil (Mar 02)
- <Possible follow-ups>
- RE: Avoiding tunnels Tony Stevenson (Mar 01)
  - Message not available
    - RE: Avoiding tunnels rembrandt (Mar 03)
    - Message not available
    - Re: Avoiding tunnels Brian Loe (Mar 06)
- Re: Avoiding tunnels Ansgar -59cobalt- Wiechers (Mar 01)
  - Re: Avoiding tunnels Javier Hijas (Mar 02)
    - RE: Avoiding tunnels David Gillett (Mar 02)
- RE: Avoiding tunnels Baker, Richard (Mar 03)
- Re: RE: Avoiding tunnels barcajax (Mar 03)