OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NFR Wizards Archives: Re: TCP port 6699 (follow up) & non s

Re: TCP port 6699 (follow up) & non standard traffic on standard ports

Dorian Moore (dkleber.net)
Tue, 16 Nov 1999 19:08:46 +0000

> As a side note, I have noticed that we have touched on the topic of non
> HTTP protocols (e.g., SOAP) being engineered to be passed over HTTP,
> just the way that these Napster folks appear to be (ab)using the ports
> for FTP & telnet.
>
> I can only imagine that, in an effort to make an end-run around
> firewalls and proxies, many software developers will begin trying to
> tunnel all kinds of traffic over standard ports. It will doubtless be
> much more difficult to tunnel non-standard traffic over proxies than
> over masquerading firewalls.

Progressive Networks/RealAudio (http://www.real.com) are doing this
allready, and have been for some time. The next version of Apple's
Quicktime (v4.1) and the Darwin (open source...) Streaming server will
also be set to 'emulate' an http transfer when a firewall is in the way.

It does seem more and more common for this approach to tunnel client
requests through open ports on a firewall so that the data type is
transfered in this way, but theoretically applications protocols will be
configurable to deny this kind of transfer. However I can see that this
is opening the way to DOS attacks on end users... The RealPlayer
applications is (IMHO) horrendously unstable as it is.. can't imagine it
would take much to overload it.

d. 

-- 
Dorian Moore is property of Kleber Design Ltd. If found please contact Kleber
by phone on +44 207 581 1362 or visit http://www.kleber.net for further details.
You really shouldn't listen to anything he says... as it may just be an opinion

This archive was generated by hypermail 2.0b3 on Thu Nov 18 1999 - 04:26:12 CST