Threat of HTTP tunnels

The computer security world has come a long way over the past decade or so. There are all kinds of programs to mitigate external threats and the ever present spectre of viruses. What about those programs that are initiated from the trusted internal network though? Read on to learn more about the threat of HTTP tunnels.

When people hear the words HTTP tunnels they often think quite literally. To them it is some data being transported inside of HTTP data. This line of reasoning is in actuality not far off from the truth. Data is being transported via port 80 and that port is normally associated with HTTP, but that is where the literal interpretation mentioned above ends. Typically, data is not encapsulated within the HTTP protocol itself, but merely sent over port 80. To understand the whole reasoning behind HTTP tunnels we first need to understand a few concepts and how they impact the usage of these tunnels. HTTP Tunnels

Linked by shanmuga Thursday, 5th January 2006 11:49PM