[CentOS] firewall?

Sat Jul 16 22:43:22 UTC 2011
Keith Roberts <keith at karsites.net>

On Sat, 16 Jul 2011, Keith Roberts wrote:

> To: CentOS mailing list <centos at centos.org>
> From: Keith Roberts <keith at karsites.net>
> Subject: Re: [CentOS] firewall?
> 
> On Sat, 16 Jul 2011, Ljubomir Ljubojevic wrote:
>
> *snip*
>
>>  I wrote about "physical presence *outside* of your network", like if
>>  you
>>  are on a large WISP that uses bridged network (bad design) and your
>>  Wireless client is bridged, and you have single NIC firewall in place,
>>  entire WISP's network will be able to sniff your traffic and hack into
>>  unprotected workstations/desktops. And there are those scenarios, much
>>  more then you can think.
>
> Which is why one poster mentioned that you need to be familiar with 
> IPtables and Networking before trying to make your machine(s) network(s) 
> secure?
>
> I read some time ago something about tunneling different protocols 
> through firewalls? which sounded quite scary.

This is what I was refering to:

Data Driven Attacks Using HTTP Tunneling

"... HTTP Tunneling Example

HTTP tunneling can be used to access ports that are 
normally inaccessible from a network. Consider Figure 1 
below. The attacker's host is shown on the left with the 
target systems on the right. The router at the edge has the 
following policies:"

http://www.symantec.com/connect/articles/data-driven-attacks-using-http-tunneling

Sounds a bit scary to me, as any website needs to have port 
80 open to allow access to that website.

Kind Regards,

Keith Roberts

-----------------------------------------------------------------
Websites:
http://www.karsites.net
http://www.php-debuggers.net
http://www.raised-from-the-dead.org.uk

All email addresses are challenge-response protected with
TMDA [http://tmda.net]
-----------------------------------------------------------------