Penetration Testing mailing list archives
Re: [PEN-TEST] IP Tunneling over DNS
From: Andre Delafontaine <andre.delafontaine () ECHOSTAR COM>
Date: Mon, 11 Sep 2000 13:46:58 -0600
"Christopher M. Bergeron" wrote:
> I just read an interesting post at slashdot:
> http://slashdot.org/article.pl?sid=00/09/10/2230242&mode=thread
> theoretically, someone from inside a secure network could tunnel out (ala
> Trojan) to punch a major hole through a firewall. Am I understanding this
> correctly?

Once somebody controls a host inside a network, he can tunnel out using any protocol the firewall will let through, even if it is outbound only (i.e. http):

Back Orifice will pass data over ICMP, so allowing outgoing pings through a firewall is sufficient, as long as the ECHO REPLIES can come back.

Marcus Ranum has mentioned that he once implemented an nfs mount of an internal host's filesystem through a firewall that only passed email: the internal and external hosts encapsulated IP packets in individual mails. It was slow, but worked...

Andre
--
andre.delafontaine at echostar.com
F20 DSS: BD75 66D9 5B2C 66CE 9158 BB27 B199 59CE D117 4E9F
F16 RSA: F8 04 FE 50 02 B5 03 02 F6 87 C7 8D F9 2E B8 58