Software Firewalls versus Wormhole Tunnels
In a VPN configuration, most personal firewalls are configured to drop their shields (because all traffic is heading to and from a trusted source), so the VPN client is, in fact, a liability because there is no need to use a libpcap outbound wormhole-tunnel communications channel. The firewall will happily ignore whatever packets a malicious program might need and they go unfiltered through the "secure" VPN connection... Creating and using a wormhole-tunnel communications channel is not limited to malicious use by malware, spyware, viruses or worms. The following scenario illustrates how one can legitimately (and more robustly) bypass the firewall without the use of libpcap. [Ed.- and don't forget email, web browsers, and all the ways that SSH can sneak around firewall rules.]
|
|
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.