Home page logo
/

basics logo Security Basics mailing list archives

RE: Avoiding tunnels
From: "Tony Stevenson" <Tony.Stevenson () ihotdesk com>
Date: Wed, 1 Mar 2006 15:50:41 -0000

Javier,

You would need to use an application level firewall.
MS ISA 2004 is very good at this.  

You can be as granular as you wish, allowing only select mime types,
HTTP commands, packet length, etc.

http://www.microsoft.com/isaserver/default.mspx

http://www.isaserver.org/  -- This is a very useful place for MS ISA
tips.

I am also more than happy to guide you too.



Tony


-----Original Message-----
From: Javier Hijas [mailto:jhijas () germinus com] 
Sent: 28 February 2006 12:34
To: security-basics () securityfocus com
Subject: Avoiding tunnels

Hi all,
  I wonder if there is a way to avoid tunnels via fw (v.g. netfilter).
How can I control that an opened port 80 is not used to tunel to a ssh
server listening at port 80?

Thanks

------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting
experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity
Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---



"CONFIDENTIALITY NOTICE The contents of this e-mail are confidential to the ordinary user of the e-mail address to 
which it was addressed and may also be privileged. If you are not the addressee of this e-mail you may not copy, 
forward, disclose or otherwise use it or any part of it in any form whatsoever. If you have received this e-mail in 
error please e-mail the sender by replying to this message. ihotdesk reserves the right to monitor all forms of 
electronic communications that pass through its network"

 
This message has been scanned for viruses by secure technologies provided by ihotdesk
http://www.ihotdesk.com


 

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault