HTTP(S) tunnels used to violate firewall

From: Daniel A. Murray (daniel.a.murray)
Date: 08/29/04

  • Next message: Adina Hagege [MSFT]: "September 1 Chat: Introducing ISA Server 2004 Standard Edition"
    Date: Sat, 28 Aug 2004 20:23:36 -0400
    
    

    HTTP(s) tunnels seem to be getting a bit more popular, and as they are true
    tunnels, very difficult to intercept and block. In the 'old' days of IPSEC
    tunnels, it was easy to block the required ports, but over 80 and 443,
    almost impossible, it seems, unless we get very draconian and either block
    all web traffic (a lot of which is required for legitimate business needs)
    or get into a white-list scenario which could get to be an administrative
    nightmare...

    Any thoughts on how to identify HTTP(S) tunnel traffic at the initial
    negotiation phase and dynamically block both source and destination IPs?

