On Sun, 17 Jul 2011, Ljubomir Ljubojevic wrote:
*snip*
I read some time ago something about tunneling different protocols through firewalls? which sounded quite scary.
This is what I was referring to:
Data Driven Attacks Using HTTP Tunneling
"... HTTP Tunneling Example
HTTP tunneling can be used to access ports that are normally inaccessible from a network. Consider Figure 1 below. The attacker's host is shown on the left with the target systems on the right. The router at the edge has the following policies:"
http://www.symantec.com/connect/articles/data-driven-attacks-using-http-tunn...
Sounds a bit scary to me, as any website needs to have port 80 open to allow access to that website.
That example is based on the premise that an attacker will exploit an existing security bug/hole to gain access to the system. And they refer in that article to IIS (Micro$oft Web server, with holes like Swiss cheese).
If you check the frequency of Apache (httpd) security bugs on CentOS 5.x, I think you will see several Denial Of Service bugs, but only one or two that would allow code execution. And bug reports for Apache are made to a secure mailing list so the rest of the world is not aware of them until they are already fixed.
So I would not be overly concerned about HTTP tunneling attacks.
OK thanks for that advice Ljubomir.
Kind Regards,
Keith
-----------------------------------------------------------------
Websites:
http://www.karsites.net
http://www.php-debuggers.net
http://www.raised-from-the-dead.org.uk

All email addresses are challenge-response protected with
TMDA [http://tmda.net]
-----------------------------------------------------------------