Search squid archive

Re: Block HTTP-Tunnel (WOW)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 5 Sep 2005, Lasse [iso-8859-1] Mørk wrote:

It seems, like they are using a software called loophole (
http://www.loopholesoftware.com ) !!

One of many.. this particular one runs encrypted SOCKS ontop of an HTTP tunnel. There is several others, each with their own encapsulation. The perhaps worst in terms of security runs PPP ontop of HTTP providing a fully functional bidirectional link..

Damnit..

All you need to cure this is

a) A "terms of use" agreement and "security policy" allowing you to take action to the persons abusing the service / violating the security policy.

b) Monitor the Internet usage, and when finding users of loophole or other firewall piercing tools / filter avoidance tools take suitable action on these persons.

then (provided the action taken is sufficiently strong but not unmotivated) there won't be many attemting to do this after the first one getting caught..


As indicated in my previous message identifying these tunnels is not impossible, but a little practice may be needed as these tunnel softwares often intentionally tries to masquerade themselves as legit traffic.

Regards
Henrik

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux