Firewall Wizards mailing list archives

Re: dns outbound

From: "Marcelo Barbosa Lima" <marcelo.lima () dcc unicamp br>
Date: Thu, 20 May 1999 00:28:10 -0300


It'll be _very_ easy to add enough obfuscation to the HTTP transfer to
make sure that the HTTP proxy or MLSI filter won't have a clue. A
little encryption will go far, even with a 20-bit key to keep the
NSA^H^H^Hlaw enforcement happy. It may pollute a Squid cache, but
it'll get through.

I'm tempted to write an internet draft 'General Purpose stealth
tunneling through HTTP', just to make a point.


   I saw one way to make it stealth using simply GET
(http://www.anithing.com/data_tunelling) command (trojan horse client) and
replies (server spoofed).


                                Marcelo Barbosa Lima
                                  marcelo.lima () dcc unicamp br
                             Mestrado em Ciencia da Computacao

Current thread:

Re: dns outbound, (continued)
- - - Re: dns outbound Bennett Todd (May 19)
- Re: dns outbound Robert Graham (May 17)
  - Re: dns outbound Deepak Vaidya (May 17)
  - Re: dns outbound wyllys (May 18)
    - Re: dns outbound David Gillett (May 19)
    - Re: dns outbound wyllys (May 21)
    - Re: dns outbound Bennett Todd (May 19)
- RE: dns outbound Frank W. Keeney (May 17)
- Re: dns outbound Bill_Royds (May 17)
- Re: dns outbound Robert Graham (May 19)
- Re: dns outbound Marcelo Barbosa Lima (May 21)