Firewall Wizards mailing list archives
Re: httport 3snf
From: Christopher Hicks <chicks () chicks net>
Date: Mon, 21 Oct 2002 11:53:12 -0400 (EDT)
On Mon, 21 Oct 2002, Robert E. Martin wrote:
We run Redhat 6.0 with ipchains and have been able to block AIM and others with this system quite effectively, however, our students here have discovered HTTport 3.snf to bypass our proxy server using a SSL connection. Is there a way to stop this without bringing the rest of the newtork to it's knees? I have been unable to sniff the packets successfully enough to find out what ip address the host ssl server is, but I am able to launch the program on my local machine, sniff the packets and see that the first thing that happens is a DNS Request. Can I block DNS requests for a specifid url, ipaddress or other entry via IPCHAINS?
If you know the IP of the SSL host they're connecting to why not just block that? (And you might want to seriously consider a newer version of Red Hat. iptables is easier to deal with than ipchains for instance.) -- </chris> Recently, I was asked if I was going to fire an employee who made a mistake that cost the company $600,000. No, I replied, I just spent $600,000 training him. Why would I want somebody to hire his experience? -Thomas J. Watson, industrialist (1874-1956) _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- httport 3snf Robert E. Martin (Oct 21)
- Re: httport 3snf Devdas Bhagat (Oct 21)
- Re: httport 3snf Christopher Hicks (Oct 21)
- Re: httport 3snf Ryan M. Ferris (Oct 21)
- Re: httport 3snf Christopher Hicks (Oct 21)
- Re: httport 3snf Ryan M. Ferris (Oct 21)
- Re: httport 3snf Christopher Hicks (Oct 21)
- Re: httport 3snf Paul Robertson (Oct 21)
- Re: httport 3snf Ryan M. Ferris (Oct 21)
- Re: httport 3snf Paul Robertson (Oct 21)
- Re: httport 3snf Ryan M. Ferris (Oct 21)
- Re: httport 3snf Paul D. Robertson (Oct 21)
- Re: httport 3snf Duncan (Oct 22)
- Re: httport 3snf Paul D. Robertson (Oct 22)