|
Firewall Wizards
mailing list archives
Re: tunnel vs open a hole
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Mon, 7 Apr 2003 15:02:11 -0400 (EDT)
On Mon, 7 Apr 2003, Anton A. Chuvakin wrote:
[SNIP]
However, surely people started to httptunnel not just because if was a fun
thing to do? I suspect it was in part due to the fact that in some
environments, admins were reallly hard to convince that opening another
port is possible WHILE allowing almost unrestructred web access. It might
seem like a contradiction in their security policy, but surely you'd know
of places where it is done exactly like that. Additionally, what if
opening a port turns into "lets open yet another port in our swiss-cheese
firewall and pray this application can't be exploited"? Will tunneling be
justified in this case? Will it not reduce security a bit less than
opening a port?
Wanna see a security admin whince, squirm and cowwer, let alone babble in
an unknown tongue whist drooling with a bit of dilerium? Mention that
your new protocol "tunnels" perfectly over port 80/http.
Thanks,
Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
Re: Application requires VPN - How are these handled? m p (Apr 02)
RE: Application requires VPN - How are these handled? Melson, Paul (Apr 02)
|
Intro
