Firewall Wizards mailing list archives
RE: httptunnel
From: "Shivdasani, Meenoo" <Meenoo_Shivdasani () NAI com>
Date: Tue, 30 Mar 1999 09:35:34 -0800
Only firewalls which authenticate every time you retrieve a file from outside the domain which you authenticated against would be safe. However, I think that due to the fact that many web pages now have links to graphics on advertisement networks (which would cause you to re-authenticate several times as it downloads the different graphics), very few people have this kind of setup.
I know that at least one firewall with authenticated http requests authentication for each and every connection that you make through the firewall. Most users will only visibly have to authenticate once, if the authentication is plaintext and is just being used for tracking measures on a DHCP network. The browser caches the password and sends it on request every other time. Given plaintext passwords, a standard authentication format, and a competent coder, I suspect that it wouldn't be that hard to modify httptunnel so that it could deal with authenticated http. M
Current thread:
- RE: httptunnel Shivdasani, Meenoo (Apr 01)