North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: HTTP Tunneling
Hi Eric, this sounds like a hack or is this valid for certain services that you've seen. thanks Mufti Nayeem Ahmed Network Systems Engineer Market Data Networks Reuters America Inc. (212)-603-3595 Eric Vyncke <[email protected]> on 06/14/2000 03:09:21 AM To: Mufti Ahmed/NYC/US/[email protected], [email protected] cc: Subject: Re: HTTP Tunneling Mufti, May be your director was thinking about tunneling a Telnet/SSH/IPSec/... session in a HTTP session. This is quite common to use HTTP (which is allowed through most firewalls configuration) to funnel other protocols through a firewall. If your firewall is a plain packet filter, sending Telnet traffic to a modified /etc/inetd.conf on port 80 will make the trick. If your firewall is a proxy firewall, you will have to add a HTTP header to it ;-) Basically, some trojans are using this technique. Other protocols used for tunneling are ICMP (remember loki ?), ... Hope this helps -eric At 18:38 13/06/2000 -0400, Mufti Ahmed wrote: >My Director was mentioning this phrase to me. Is this another term for >"TLS Within HTTP/1.1" RFC 2817. Maybe some one who works in the >ISP world is familiar with this term? Or do you think it's just a marketing >term for what i just mentioned? > >Thanks > >Mufti Nayeem Ahmed >Network Systems Engineer >Market Data Networks >Reuters America Inc. >(212)-603-3595 > > >----------------------------------------------------------------- > Visit our Internet site at http://www.reuters.com > >Any views expressed in this message are those of the individual >sender, except where the sender specifically states them to be >the views of Reuters Ltd. Eric Vyncke Consulting Engineer Cisco Systems EMEA Phone: +32-2-778.4677 Fax: +32-2-778.4300 E-mail: [email protected] Mobile: +32-75-312.458 ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. |