Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

firewall-wizards logo Firewall Wizards mailing list archives

Re: tunnel vs open a hole
From: Crispin Cowan <crispin () wirex com>
Date: Sun, 06 Apr 2003 21:26:07 -0700
Barney Wolff wrote:


On Sun, Apr 06, 2003 at 02:59:37PM -0400, Marcus J. Ranum wrote:

Protocol-over-protocol "attacks" mooted firewalls a loooooooong time
ago. We've just been cheerfully ignoring that fact. I was tunnelling
IP packets uuencoded over smtp back in the early 1990's (I guess
it would have been 1993 or -4) and got good enough RTTs that I
could even NFS-mount filesystems across a firewall once I had
tuned the NFS timeouts and retries correctly.

With all due respect, this is something of an overstatement.  Tunneling
requires a cooperating agent on the inside.  The security policy of
that agent becomes part of your firewall.
The scary "gotcha": what if the "cooperating agent" on the inside is a worm or a virus? 

Crispin

--
Crispin Cowan, Ph.D.                      http://wirex.com/~crispin/
Chief Scientist, WireX                    http://wirex.com
HP/Trend Micro Immunix Secured Solutions
http://h18000.www1.hp.com/products/servers/solutions/iis/
                            Just say ".Nyet"


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]