Security Basics mailing list archives

Re: Avoiding tunnels


From: Neil <neil () voidfx net>
Date: Wed, 01 Mar 2006 06:39:04 +0530

Javier Hijas wrote:
Hi all,
  I wonder if there is a way to avoid tunnels via fw (v.g. netfilter).
How can I control that an opened port 80 is not used to tunnel to a ssh
server listening at port 80?

Thanks


I think if you tell the firewall only to accept HTTP on port 80, that'll
do the trick (requires stateful inspecting firewall).

Don't think it'll work on HTTPS, because HTTPS is encrypted anyways, so
then you'd need a firewall doing a MITM to inspect it, otherwise it just
passes the encrypted traffic onwards.

--
Neil.
http://voidfx.net
"...the student skit at Christmas contained a plaintive line: "Give us
Master's exams that our faculty can pass, or give us a faculty that can
pass our Master's exams."
--Paul R. Halmos
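
Added example, not part of the original message: a sketch of the protocol check the reply describes, classifying the first client payload of a new TCP connection and accepting port 80 only when it is an HTTP request line. The function names, the port 443 rule and the sample payloads are constructed for illustration; a real deployment would do this in the firewall's own inspection engine.

```python
import re

# HTTP/1.x request line: METHOD SP request-target SP HTTP/1.x CRLF
HTTP_REQUEST_LINE = re.compile(rb"^[A-Z]{3,16} [^ \r\n]+ HTTP/1\.[01]\r\n")
# SSH identification string "SSH-protoversion-softwareversion" (RFC 4253, 4.2)
SSH_BANNER = re.compile(rb"^SSH-[0-9]+\.[0-9]+-")

def classify_first_bytes(payload: bytes) -> str:
    """Label the first payload bytes seen on a new TCP connection."""
    if SSH_BANNER.match(payload):
        return "ssh"
    if HTTP_REQUEST_LINE.match(payload):
        return "http"
    # TLS record header: content type 0x16 (handshake), major version 0x03
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"
    # Anything else, including an empty or truncated first segment
    return "unknown"

def verdict(dport: int, payload: bytes) -> str:
    """Policy from the thread: port 80 carries HTTP and nothing else."""
    proto = classify_first_bytes(payload)
    if dport == 80:
        return "accept" if proto == "http" else f"drop ({proto} on port 80)"
    if dport == 443:
        # Encrypted: without interception only the handshake framing is
        # visible, so the content behind it cannot be checked here.
        return "accept (opaque)" if proto == "tls" else f"drop ({proto} on port 443)"
    return "not evaluated"

# Constructed sample flows: (destination port, first client payload)
SAMPLES = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    (80, b"SSH-2.0-OpenSSH_4.3\r\n"),
    (443, b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b\x03\x01"),
    (443, b"SSH-2.0-OpenSSH_4.3\r\n"),
]

if __name__ == "__main__":
    for dport, payload in SAMPLES:
        print(dport, payload[:24], "->", verdict(dport, payload))
```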
