--Nm48CqPeykZpOG4/ Content-Type: text/plain; charset=us-ascii 2000-01-23-11:06:24 Mailing Lists: > But I overheard one of my users bragging that it bypassed the firewall > using two linux machines doing port redirection. >[...] > btw, I don't know what the firewall used is, I'm the sysadm for my > division, but we are using the corporate firewall. Sounds like you should (a) advise your bragging user that they should cease and desist, if they don't want to get fired, and (b) advice the folks who run he corporate firewall that someone claims to be tunneling unapproved protocols through it. They should be able to catch that behavior reasonably quickly by analyzing logfiles; and in general catching it by finding anomalous traffic patterns is the only possible fix, since you can tunnel _anything_ over _anything_. Of course if your security policy doesn't have a clause that can be interpreted as "deliberately bypassing the controls imposed by the security dept. is grounds for termination", then that needs to get fixed too. And in terms of deeper followup, either the security policy and implementation need revising to allow this protocol the user has tunneled, or else the user desperately needs firing for sabotaging the company's security policy to do something not needed for work. -Bennett --Nm48CqPeykZpOG4/ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.0 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE4jfkkL6KAps40sTYRAZIpAJ9b3j8YUaiaj1yNNNrgMVEHJ2RA3QCfYd0u zbxtk3c959uE/x1gurNnSAY= =XyFx -----END PGP SIGNATURE----- --Nm48CqPeykZpOG4/--
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:17 PDT