Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RealPlayer and RH6.1 revisited



Do you allow SecureHTTP (HTTP+SSL, usually port 433) through your
firewall?  If so, you wont be able to inspect it.  Do you do stateful
inspections of all your emails?  All your Usenet posts?  Do you
monitor all your telnet sessions character by character?

-derek

Ron Peterson <rpeterson at yellowbank.com> writes:

> 
> Derek Atkins wrote:
> > 
> > If you allow any real-time protocol through your firewall, someone can
> > tunnel through it.  It's a fact of life.  If you allow telnet, ssh,
> > http, even nntp or smtp, it can be used to tunnel another protocol.
> > If you want to disable tunneling, unplug yourself from the 'net.  If
> > that isn't an option, then you're going to have to use social means to
> > prevent people from doing it.
> 
> Or stateful inspection tools.  Which is what I was asking about.

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/      PP-ASEL      N1NWH
       warlord at MIT.EDU                        PGP key available
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org