Metasploit mailing list archives
Http-Tunnel Question
From: Jason.Haar at trimble.co.nz (Jason Haar)
Date: Sat, 22 Apr 2006 21:36:29 +1200
Chris Byrd wrote:
You might be interested in reading my writeup about GNU httptunnel at http://riosec.com/exploring-httptunnel/.
Stop messing around with the small fry. If you really want to see the future - look at OpenVPN. It can form full VPN tunnels (i.e. bidirectional) over UDP, TCP, NAT - and over HTTP proxies. Really good from a connectivity perspective, really bad from a control of a corporate network perspective :-) It is also typically used with HMAC authentication - which means there is no payload signature to match against. i.e. don't expect your IDS to pick it up (unless it can detect SSL/TLS, and can trigger alerts on CONNECT traffic that *isn't* SSL/TLS. Actually, now I think of it, I think TLS session keys basically mean no-one can do that either) Marvelous program. -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
Current thread:
- Http-Tunnel Question Thomas Werth (Apr 20)
- Http-Tunnel Question Jerome Athias (Apr 21)
- Http-Tunnel Questions the unknown unknown (Apr 21)
- Http-Tunnel Question H D Moore (Apr 21)
- Http-Tunnel Question Chris Byrd (Apr 21)
- Http-Tunnel Question Jason Haar (Apr 22)
- Http-Tunnel Question Thomas Werth (Apr 23)
- Http-Tunnel Question Jerome Athias (Apr 21)