When a security policy is in place, users will always try to bypass rules! When access to specific resources are denied, they will try to find alternative ways to access them (don’t ask why, it’s in the human behaviour!) Even worse with network resources! Some protocols might be denied by security policies: users still want to use them. There exists a lot of solutions like tunneling to achieve this. Tunneling means that a protocol “A” will be encapsulated in another protocol “B” and carried over a media which does not support the protocol “A”. It’s transparent.

A lot of data can be encapsulated in HTTP by example. I already discussed about the DNS Tunneling which allows TCP sessions to be passed trough DNS requests.

A new tool has been developed to pass HTTP traffic into SMTP! It’s called HoSProxy and allows web traffic via a specific proxy running locally. This proxy sends HTTP requests via emails to a server installed outside the restricted area!

BTW, yesterday I read an article about the P2P networks and how to [try] to restrict them. In this article, Hervé Rony, general manager of the SNEP [1] explained that P2P protocols should be filtered by ISPs to stop P2P networks and copy of illegal materials. I would suggest Mr Rony to have a look at tools such HoSProxy! Blocking protocols will never be a right solution.

[1] Syndicat National de l’Edition Phonographique (in France)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.