null Pune meet - Evading Firewalls: Tunneling

1,968 views
1,805 views

Published on

null Pune meet - Evading Firewalls: Tunneling – By Murtuja Bharmal
http://null.co.in

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,968
On SlideShare
0
From Embeds
0
Number of Embeds
57
Actions
Shares
0
Downloads
47
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

null Pune meet - Evading Firewalls: Tunneling

  1. 1. <ul><li>TUNNELING/COVERT CHANNEL </li></ul><ul><li> I Just need one open port </li></ul>
  2. 2. What is Tunneling? <ul><li>One network protocol (payload protocol) encapsulated within the different protocol (delivery protocol) to provide a path through a network </li></ul>
  3. 3. What is Covert Channel? <ul><li>A channel that is used for information transmission, but that is not design nor intended for communication </li></ul>
  4. 4. Protocol at Different Layer <ul><li>Application Layer: FTP, Telnet, SSH, </li></ul><ul><li> SMTP, DNS, HTTP/S </li></ul><ul><li>Transport Layer: TCP, UDP </li></ul><ul><li>Internet Layer: IP, ICMP, IGMP </li></ul><ul><li>Data Link Layer: MAC </li></ul>
  5. 5. The General Covert Channel Framework
  6. 6. Properties <ul><li>Undetectable </li></ul><ul><li>Robustness </li></ul>
  7. 7. When you will find it useful? <ul><li>When your boss will ask you, what discussion you are having with your friend on chat, about me </li></ul><ul><li>When your rediffmail password or ftp server password will got hacked, because you are using internet in ad-hoc network </li></ul><ul><li>When you are not able to access some service outside your network, because of access policy </li></ul>
  8. 8. Purpose <ul><li>Penetration test of Firewall/IPS/Proxy </li></ul><ul><li>Secure communication over ad-hoc network </li></ul>
  9. 9. Isn’t that a bit subversive? <ul><li>Well, Yes…… </li></ul><ul><li>And Privacy </li></ul><ul><li>And Freedom </li></ul><ul><li>Ok, how do we start </li></ul>
  10. 10. Scenario <ul><li>ICMP Tunneling </li></ul><ul><li>SSH Tunneling </li></ul><ul><li>HTTPS Tunneling Using Proxy </li></ul>
  11. 11. Tools <ul><li>Ptunnel </li></ul><ul><li>SSH Client/Server </li></ul><ul><li>Putty </li></ul><ul><li>Cctt(Covert Channel Tunneling Tool) </li></ul><ul><li>g00gle CrewBots </li></ul><ul><li>MsnShell </li></ul><ul><li>Wsh(Web Shell) </li></ul><ul><li>Cooking Channels </li></ul>
  12. 12. ICMP Tunneling Firewall Pen Tester Echo request Echo reply Echo request Echo reply SSH SSH ICMP Proxy Server Destination
  13. 13. SSH Tunneling Ad-hoc Network User SSH SSH SSH SSH SMTP/FTP SMTP/FTP SSH Server Destination
  14. 14. HTTPS Tunneling SSH SSH Proxy Port Proxy Port HTTPS HTTPS HTTPS HTTPS Pen Tester SSH Server on Port 443
  15. 15. Murtuja Bharmal (bharmal.murtuja@gmail.com)

×