mailing list archives
Re: [PEN-TEST] IP Tunneling over DNS
From: "Work, Clinton" <work () SCRIPTY COM>
Date: Mon, 11 Sep 2000 14:42:47 -0600
There is already a mature tool to tunnel connections via HTTP which
works quite well. I have used it with many firewalls:
On Mon, Sep 11, 2000 at 02:16:43PM -0400, Jose Nazario wrote:
On Mon, 11 Sep 2000, Christopher M. Bergeron wrote:
theoretically, someone from inside a secure network could tunnel out
(ala Trojan) to punch a major hole through a firewall. Am I
understanding this correctly?
yes, yes you are. also, lookfor IP over SMTP tunneling. and LOKI, using
ICMP as a covert data channel.
tunneling is a major method of passing firewalls. tunnel whatever you want
through normal channels. unless the firewall is doing application level
filtering, you can really have some fun. you gotta be patient, but it can
there really isn't any reason why application level firewalls shouldn't be
more available and in wider use that i can see. they're tough to do right,
mind you, but not impossible.
jose nazario jose () biochemistry cwru edu
PGP fingerprint: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc
Clinton Work clinton () scripty com