Firewall Wizards mailing list archives

Re: GXD vs. SPF

From: "Joseph S. D. Yao" <jsdy () cospo osis gov>
Date: Fri, 2 Oct 1998 15:08:21 -0400 (EDT)

Could someone fill me in a bit on the risks of tunneling over SMTP, HTTP,
etc.  What are the capabilities of this sort of attack?  How is it
accomplished (in general terms).


You take a stream of IP packets.

You encapsulate them in what appears to be a "normal" XXXP stream.

You have something at the other end - an IP "modem" - that translates
them back into an IP stream.

You can do anything you want over this encapsulated IP stream.  Slowly,
usually.

--
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO Computer Support                                          EMT-A/B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.

Current thread:

RE: GXD vs. SPF Paul D. Robertson (Oct 01)
- RE: GXD vs. SPF Frederick M Avolio (Oct 01)
- <Possible follow-ups>
- RE: GXD vs. SPF Hines Dennis (Oct 02)
  - Re: GXD vs. SPF Joseph S. D. Yao (Oct 05)
  - RE: GXD vs. SPF Paul D. Robertson (Oct 05)