There is a hole in your firewall

Status
Not open for further replies.

iSeriesCodePoet

Programmer
Jan 11, 2001
In case you aren't aware, there is a hole in your fire. Here is the article that shows you where.
To summarize, a user using SSH and Apache could get through your firewall protections. VERY interesting read.

iSeriesCodePoet
IBM iSeries (AS/400) Programmer
Want to have all your bookmarks in one spot? Make your links shorter:
 
Provided of course that you allow ssh out through your firewall in the first place.
 
This isn't exactly ground breaking. You can get similar results by connecting to
The traffic between your browser and the proxy is encrypted (as in the "shunnel"), and you are able to browse the web without concern for school/employer monitoring. The difference, from a network monitor's point of view, is that you are connecting to a remote host on port 443 instead of port 80.
 
It isn't the firewall's fault anyhow. It is the service running on available ports that is the problem.

--Sapient2003 - sapient@sapient2003.com
"The worst insecurity is believing you are too secure."
 
It is actually very easy.

One: Block all traffic at firewall for your whole network

Two: Set up your own caching proxy server that changes the http headers going out (This is done so programs can't use your proxy for their connection)

Three: Set up Internal Caching DNS server

Four: Allow only the traffic from proxy IP and DNS IP

Five: Set up all IE with proxy info (can be done through Group Policies)

You just killed every software program out there including SSH, FTP, Kazaa, Yahoo, AOL, etc....
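
The five steps above, modelled as a default-deny egress policy and run over a few flow records to show which clients are still trying to go straight out. This is an added example, not part of the original post; all addresses, the proxy listening port 3128 and the limit of the proxy to ports 80/443 are assumptions.

```python
import ipaddress

# Constructed addresses for illustration (RFC 1918 and documentation ranges).
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/24")
PROXY_IP = ipaddress.ip_address("10.0.0.10")  # step two: caching proxy
DNS_IP = ipaddress.ip_address("10.0.0.11")    # step three: caching DNS

def egress_allowed(src, dst, proto, dport):
    """Return True if the perimeter firewall would forward this flow."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if dst in INTERNAL_NET:
        return True   # stays inside; never crosses the perimeter
    if src == PROXY_IP and proto == "tcp" and dport in (80, 443):
        return True   # step four: web traffic only from the proxy (ports assumed)
    if src == DNS_IP and proto in ("udp", "tcp") and dport == 53:
        return True   # step four: lookups only from the DNS server
    return False      # step one: everything else is blocked

def direct_egress_attempts(flows):
    """Group the flows the policy drops by source host, for follow-up."""
    denied = {}
    for src, dst, proto, dport in flows:
        if not egress_allowed(src, dst, proto, dport):
            denied.setdefault(src, []).append((dst, proto, dport))
    return denied

# Constructed flow records: (source, destination, protocol, destination port).
SAMPLE_FLOWS = [
    ("10.0.0.50", "10.0.0.10", "tcp", 3128),    # client -> proxy
    ("10.0.0.10", "198.51.100.7", "tcp", 443),  # proxy -> web
    ("10.0.0.11", "192.0.2.53", "udp", 53),     # DNS server -> upstream
    ("10.0.0.50", "203.0.113.5", "tcp", 22),    # client SSH straight out
    ("10.0.0.51", "198.51.100.7", "tcp", 443),  # client HTTPS bypassing proxy
    ("10.0.0.51", "192.0.2.53", "udp", 53),     # client DNS bypassing resolver
]

if __name__ == "__main__":
    for src, hits in direct_egress_attempts(SAMPLE_FLOWS).items():
        print(src, hits)
```

The proxy's own flow to port 443 is forwarded whatever it carries, which is the point raised earlier in the thread: what travels over a permitted port has to be controlled at the proxy, not at the firewall.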

 