[Owasp-sydney] tunneling proxy

Graham Chow graham_chow at yahoo.com
Thu Mar 10 02:14:37 EST 2011


Having some time on hand, a little bit of effort was consumed building a homebrew tunneling proxy. It got me thinking, how does a corporate network protect itself against these sorts of vunerabilities. 

The only protection known is 
1) proxy to mandate ip addresses that resolve to real dns names that have existed for a period of time.
2) use NTML authenticate proxy (technical barrier)  
3) black list certain third party software/traffic hence the homebrew effort
4) payload inspection (need to use encryption - other than ssl)
5) Don't give admin access to users (we have - although is admin required)

Graham
> 
> 


More information about the Owasp-sydney mailing list