Penetration Testing mailing list archives
Re: [PEN-TEST] IP Tunneling over DNS
From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Mon, 11 Sep 2000 14:16:43 -0400
On Mon, 11 Sep 2000, Christopher M. Bergeron wrote:
theoretically, someone from inside a secure network could tunnel out (ala Trojan) to punch a major hole through a firewall. Am I understanding this correctly?
yes, yes you are. also, lookfor IP over SMTP tunneling. and LOKI, using ICMP as a covert data channel. tunneling is a major method of passing firewalls. tunnel whatever you want through normal channels. unless the firewall is doing application level filtering, you can really have some fun. you gotta be patient, but it can be done. there really isn't any reason why application level firewalls shouldn't be more available and in wider use that i can see. they're tough to do right, mind you, but not impossible. jose nazario jose () biochemistry cwru edu PGP fingerprint: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc
Current thread:
- [PEN-TEST] IP Tunneling over DNS Christopher M. Bergeron (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Jose Nazario (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Work, Clinton (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Mark Shlimovich (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Pawel Maciejewski (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS matthew patton (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Work, Clinton (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Jonathan Rickman (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Mordechai Ovits (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Andre Delafontaine (Sep 12)
- <Possible follow-ups>
- Re: [PEN-TEST] IP Tunneling over DNS Dunker, Noah (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Mordechai Ovits (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS BMM (Sep 12)
(Thread continues...)
- Re: [PEN-TEST] IP Tunneling over DNS Jose Nazario (Sep 11)