[CentOS] firewall?

Keith Roberts keith at karsites.net
Sat Jul 16 22:43:22 UTC 2011

On Sat, 16 Jul 2011, Keith Roberts wrote:

> To: CentOS mailing list <centos at centos.org>
> From: Keith Roberts <keith at karsites.net>
> Subject: Re: [CentOS] firewall?
> On Sat, 16 Jul 2011, Ljubomir Ljubojevic wrote:
> *snip*
>>  I wrote about "physical presence *outside* of your network", like if
>>  you
>>  are on a large WISP that uses bridged network (bad design) and your
>>  Wireless client is bridged, and you have single NIC firewall in place,
>>  entire WISP's network will be able to sniff your traffic and hack into
>>  unprotected workstations/desktops. And there are those scenarios, much
>>  more then you can think.
> Which is why one poster mentioned that you need to be familiar with 
> IPtables and Networking before trying to make your machine(s) network(s) 
> secure?
> I read some time ago something about tunneling different protocols 
> through firewalls? which sounded quite scary.

This is what I was refering to:

Data Driven Attacks Using HTTP Tunneling

"... HTTP Tunneling Example

HTTP tunneling can be used to access ports that are 
normally inaccessible from a network. Consider Figure 1 
below. The attacker's host is shown on the left with the 
target systems on the right. The router at the edge has the 
following policies:"


Sounds a bit scary to me, as any website needs to have port 
80 open to allow access to that website.

Kind Regards,

Keith Roberts


All email addresses are challenge-response protected with
TMDA [http://tmda.net]

More information about the CentOS mailing list