[Owasp-sydney] tunneling proxy
Paul.Theriault at stratsec.net
Thu Mar 10 05:12:11 EST 2011
Sounds like a potential topic for discussion/presentation at our next meeting? Volunteering? :)
And on that note, we are long overdue for another meeting, but are having trouble getting speakers.
Anyone have a presentation they have up their sleeve? I am chasing a few people but don't have anyone concrete at the moment.
Otherwise do we want to have a meeting anyways - one idea I had was to just go review in detail some of the outcomes of the global OWASP conference (did anyone go, or get involved remotely?)
Or we could just get together for a beer :)
What say you?
From: owasp-sydney-bounces at lists.owasp.org [owasp-sydney-bounces at lists.owasp.org] On Behalf Of Graham Chow [graham_chow at yahoo.com]
Sent: Thursday, March 10, 2011 6:14 PM
To: Owasp-sydney at lists.owasp.org
Subject: [Owasp-sydney] tunneling proxy
Having some time on hand, a little bit of effort was consumed building a homebrew tunneling proxy. It got me thinking, how does a corporate network protect itself against these sorts of vulnerabilities?
The only protection known is
1) proxy to mandate IP addresses that resolve to real DNS names that have existed for a period of time.
2) use NTLM authenticated proxy (technical barrier)
3) black list certain third party software/traffic hence the homebrew effort
4) payload inspection (need to use encryption - other than ssl)
5) Don't give admin access to users (we have - although is admin required)