Security Basics mailing list archives
Re: Avoiding tunnels
From: Neil <neil () voidfx net>
Date: Wed, 01 Mar 2006 06:39:04 +0530
Javier Hijas wrote:
> Hi all, I wonder if there is a way to avoid tunnels via fw (e.g. netfilter). How can I control that an opened port 80 is not used to tunnel to an ssh server listening at port 80? Thanks
I think if you tell the firewall only to accept HTTP on port 80, that'll do the trick (requires a stateful inspecting firewall). Don't think it'll work on HTTPS, because HTTPS is encrypted anyways, so then you'd need a firewall doing a MITM to inspect it, otherwise it just passes the encrypted traffic onwards.

--
Neil.
http://voidfx.net
"...the student skit at Christmas contained a plaintive line: "Give us Master's exams that our faculty can pass, or give us a faculty that can pass our Master's exams." --Paul R. Halmos
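What "only accept HTTP on port 80" amounts to at the payload level, and why the same check sees nothing past the handshake on HTTPS, as an added example that is not part of the original message. The function names, the method allow-list and the two-port policy are assumptions, and the sample payloads are constructed.

```python
import re

# Methods this example policy accepts as HTTP (an assumption; adjust locally).
ALLOWED_METHODS = {b"GET", b"HEAD", b"POST", b"PUT", b"DELETE", b"OPTIONS"}

# HTTP/1.x request line: METHOD SP request-target SP HTTP/1.x CRLF
REQUEST_LINE = re.compile(rb"^([A-Z]+) (\S+) HTTP/1\.[01]\r?\n")

# SSH peers open with "SSH-protoversion-softwareversion" (RFC 4253, section 4.2).
SSH_IDENT = re.compile(rb"^SSH-\d+\.\d+-")


def classify_first_payload(data: bytes) -> str:
    """Label the first payload seen on a new TCP connection."""
    if SSH_IDENT.match(data):
        return "ssh"
    # TLS record header: content type 0x16 (handshake), major version 0x03.
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls"
    m = REQUEST_LINE.match(data)
    if m and m.group(1) in ALLOWED_METHODS:
        return "http"
    return "unknown"


def verdict(dst_port: int, data: bytes) -> str:
    """Port 80 must start with an HTTP request, port 443 with a TLS handshake."""
    kind = classify_first_payload(data)
    if dst_port == 80:
        return "accept" if kind == "http" else "drop"
    if dst_port == 443:
        # Everything after the handshake is ciphertext: the inspector can
        # confirm "this is TLS" but not what is carried inside it.
        return "accept" if kind == "tls" else "drop"
    return "drop"


# Constructed sample payloads (not captured traffic).
SAMPLES = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    (80, b"SSH-2.0-OpenSSH_4.2\r\n"),
    (443, b"\x16\x03\x01\x00\x2e\x01\x00\x00\x2a"),
    (443, b"SSH-2.0-OpenSSH_4.2\r\n"),
]

if __name__ == "__main__":
    for port, payload in SAMPLES:
        print(port, classify_first_payload(payload), verdict(port, payload))
```

The check establishes only that the opening bytes conform to the expected protocol; on port 443 the payload after the handshake stays opaque unless the firewall terminates TLS itself, which is the MITM point made above.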