Firewall Wizards mailing list archives
Re: Bypassing firewall
From: Bennett Todd <bet () rahul net>
Date: Tue, 25 Jan 2000 14:27:33 -0500
2000-01-23-11:06:24 Mailing Lists:
But I overheard one of my users bragging that it bypassed the firewall using two linux machines doing port redirection. [...] btw, I don't know what the firewall used is, I'm the sysadm for my division, but we are using the corporate firewall.
Sounds like you should (a) advise your bragging user that they should cease and desist, if they don't want to get fired, and (b) advise the folks who run the corporate firewall that someone claims to be tunneling unapproved protocols through it. They should be able to catch that behavior reasonably quickly by analyzing logfiles; and in general catching it by finding anomalous traffic patterns is the only possible fix, since you can tunnel _anything_ over _anything_.

Of course if your security policy doesn't have a clause that can be interpreted as "deliberately bypassing the controls imposed by the security dept. is grounds for termination", then that needs to get fixed too. And in terms of deeper followup, either the security policy and implementation need revising to allow this protocol the user has tunneled, or else the user desperately needs firing for sabotaging the company's security policy to do something not needed for work.

-Bennett
Current thread:
- Bypassing firewall Mailing Lists (Jan 24)
- Re: [firewall-wizards] Bypassing firewall Magosanyi Arpad (Jan 25)
- Re: Bypassing firewall daN. (Jan 26)
- Re: Bypassing firewall Cliff Rayman (Jan 27)
- Re: Bypassing firewall Aaron D. Turner (Jan 27)
- Re: Bypassing firewall Bennett Todd (Jan 28)
- <Possible follow-ups>
- RE: Bypassing firewall jussi . jaakonaho (Jan 25)
- Re: Bypassing firewall Robert Graham (Jan 25)
- Re: Bypassing firewall Saravana Ram (Jan 28)
- RE: Bypassing firewall Riley, Steven (Jan 26)
- RE: Bypassing firewall Kaptain (Jan 28)
- RE: Bypassing firewall Robert Purdy (Jan 31)
- RE: Bypassing firewall Kaptain (Jan 28)
- Re:Bypassing firewall TDyson (Jan 28)
- Re: Bypassing firewall Steven M. Bellovin (Jan 31)