Tunneling through 2 uncontrollable Firewalls

Printable View

Show 40 post(s) from this thread on one page

March 17th, 2006, 10:35 PM
Relyt

Quote:

Originally posted here by Tiger Shark
Ahhh... I see... The reason it _seems_ to be connecting through the firewall unmolested is because the software initiates a connection to the remote servers from inside the firewall when you start the app. The firewall therefore sees it as a valid connection. The app keeps the connection alive until you connect to it... again, because the initial connection was allowed by the firewall your subsequent connection to the remote appears to be just part of that valid connection so it is allowed...

Thanks for the clarification TS. And wouldn't that also indicate that anyone else using their server(s), regardless of their integrity, is "trusted" ?

Oh my!!

Cheers
March 17th, 2006, 10:46 PM
Tiger Shark

Quote:

And wouldn't that also indicate that anyone else using their server(s), regardless of their integrity, is "trusted" ?

Why, you know, I think you're right... Golly, that's scarey... Trusting another with your own security... I never liked that... ;)
March 18th, 2006, 02:34 AM
brokencrow

Quote:

Trusting another with your own security?

Don't we ALL do that on some level? You guys write your own OS's?

:)
March 18th, 2006, 04:48 AM
Synja

Ok... I'm not reading through the last page of this. I noticed this earlier but did not have an active account.

With the people who have posted in this thread, why on earth did nobody suggest reversing the client/server model?

That is the way to bypass firewalls. We've been doing it with trojans for a long time. The "server" is actually what is traditionally thought of as the client. The only real definition for client and server is who initiates the connection basically.

Ugh.
March 18th, 2006, 10:17 AM
nihil

Quote:

She has a funny tendency to have software fail on her computer, and rather than drive across the state, I'd like to set up a system where I can just get ahold of her computer from my

Errr...............does anyone really believe that (apart from Doppy :D )

And we have two firewalls that cannot have their settings altered? That means that there are ADMINISTRATORS involved (at both ends).........................so why should someone have to "drive across the state"?

Quote:

With the people who have posted in this thread, why on earth did nobody suggest reversing the client/server model?

Your answer is posted above :D
March 18th, 2006, 11:12 AM
Tiger Shark

Quote:

Don't we ALL do that on some level? You guys write your own OS's?

That's a whole different kettle of fish... But just like GoToMyPC is banned, blocked and has it's own IDS rules on my network because I would have to rely upon them remaining uncompromised this software would be treated similarly...
March 18th, 2006, 03:12 PM
brokencrow

Guess it'd be different if I lived in an "enterprise"...
March 18th, 2006, 03:14 PM
Tiger Shark

Not really... The principles don't change that much with scale... The basics certainly don't.
March 18th, 2006, 03:27 PM
nihil

Exactly, and the first principle is do not compromise the security of two entities and their AUPs.

Quote:

She has a funny tendency to have software fail on her computer

That does not happen to anybody...........either there is a malware problem, a software conflict problem, a hardware problem or a user ignorance problem...............or a mixture of them.

Remote desktop management tools are not what I would be looking for in the first instance.

;)
March 18th, 2006, 03:57 PM
brokencrow

Principles may not change that much with scale, but budgets do.

Show 40 post(s) from this thread on one page