By showing how the Httptunnel technique described in this paper slips past a firewall's port blocking and evades the system's tracking and detection, we can see that relying on only one or a few measures for network security is unreliable, and that blind dependence on a security system often creates serious hidden risks. It is hoped that this paper will prompt administrators to think about their network security protection systems.
What is an HTTP hidden channel?
What is LAN security, and how can a system administrator ensure it? The concept of security is constantly changing. For a long time, placing a firewall between the LAN and the outside world and strictly controlling the open ports was enough to seize most of the security initiative, making it easy to control which services users inside and outside the network could use. For example, if only 80, 532 ports are open on the firewall, malicious people, whether inside or outside, will not be able to use the services that have proved more dangerous.
However, it should be noted that a firewall is, in a sense, very stupid. An administrator's excessive reliance on the firewall, and the slackness that results, will inevitably create major security risks. "Channel" technology is a good example that proves the point, and it is what this article discusses.
So what is a channel? A channel here is a way of communicating that gets around the firewall's port blocking. Packets at either end of the firewall are encapsulated in a packet type or port that the firewall allows, and then pass through the firewall for end-to-end communication. When the encapsulated packets arrive at their destination, they are restored to their original form and delivered to the corresponding service. An example follows:
Host A sits behind the firewall and is protected by it; the firewall's access control policy allows only port 80 data through. Host B is outside the firewall and is open. Now suppose you need to telnet from system A to system B. Normal Telnet is certainly not possible, but we know that only port 80 is available, so using an Httptunnel channel is a good idea, as follows:
On machine A, run a tunnel client that listens on an arbitrary unused local port, such as 1234, and directs data arriving on port 1234 to port 80 on the remote machine B (note: port 80, which the firewall allows through). Then run a server on machine B that also listens on port 80 and forwards what it receives from the client on port 80 to the local Telnet service on port 23. Now telnet to local port 1234 on machine A. The packets are forwarded to port 80 on machine B, and because the firewall allows data through on port 80, they pass through the firewall and reach machine B. There, the process listening on port 80 receives the packets from A, restores them, and hands them to the Telnet process. When packets need to be returned from B to A, they are sent back through port 80 as well, and also pass through the firewall smoothly.
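A check an administrator could apply to the scenario above, as an added example that is not part of the original article: it looks at the first client bytes of each session to port 80 and flags those that are not an HTTP request, which is exactly what a port-only firewall rule never verifies. The session records, field names and payloads are constructed for illustration; a tunnel that wraps its data in well-formed HTTP requests passes this check and needs other signals.

```python
import re

# Start of an HTTP/1.x request: METHOD SP target SP HTTP/1.x CRLF
REQUEST_LINE = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|TRACE|CONNECT|PATCH) \S+ HTTP/1\.[01]\r\n"
)
TELNET_IAC = 0xFF  # Telnet "Interpret As Command" byte (RFC 854)


def classify_port80_payload(first_bytes: bytes) -> str:
    """Classify the first client-to-server bytes of a TCP session to port 80."""
    if not first_bytes:
        return "empty"  # nothing captured yet, no verdict possible
    if REQUEST_LINE.match(first_bytes):
        return "http"
    if first_bytes[0] == TELNET_IAC:
        return "telnet-negotiation"  # Telnet option negotiation on the "web" port
    return "non-http"


def flag_sessions(sessions):
    """Return (id, verdict) for port-80 sessions that do not start with HTTP."""
    flagged = []
    for s in sessions:
        if s["dst_port"] != 80:
            continue  # only the port the firewall leaves open is of interest here
        verdict = classify_port80_payload(s["payload"])
        if verdict not in ("http", "empty"):
            flagged.append((s["id"], verdict))
    return flagged


# Constructed sample sessions (hypothetical record layout, not real captures).
SAMPLE_SESSIONS = [
    {"id": 1, "dst_port": 80,
     "payload": b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"},
    # IAC DO SUPPRESS-GO-AHEAD, IAC WILL TERMINAL-TYPE: Telnet forwarded over port 80
    {"id": 2, "dst_port": 80, "payload": b"\xff\xfd\x03\xff\xfb\x18"},
    {"id": 3, "dst_port": 80, "payload": b"\x00\x01binary-framed-data"},
    {"id": 4, "dst_port": 25, "payload": b"EHLO mail.example.test\r\n"},
]

if __name__ == "__main__":
    for sid, verdict in flag_sessions(SAMPLE_SESSIONS):
        print(f"session {sid}: port 80 traffic is {verdict}")
```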
In fact, the concept of a tunnel has been around for a long time, and readers have likely used similar techniques already, for example through the following URL: http://www.http-tunnel.com. It is a professional provider of tunnel services; through its online tunnel server, users on a LAN can use a lot of software that the firewall blocks, such as ICQ, e-mail, pcAnywhere, AIM, MSN, Yahoo, Morpheus, Napster and so on.