How do you stop outgoing spam?
Rafi Sadowsky
rafi-nanog at meron.openu.ac.il
Tue Sep 10 10:26:15 UTC 2002
## On 2002-09-10 10:02 +0300 Petri Helenius typed:
PH> >
PH> If somebody is ignorant enough to implement IP over HTTP, why should
PH> they be accommodated? There are numerous reasons why there are other
PH> port numbers to TCP than 80 and other protocol numbers to IP than 6.
Why do you think they're ignorant ?
Isn't TCP over HTTP is normally used to attempt bypassing of firewalls ?
IMHO Firewall/Security admins are ignorant
if they don't take this into account
AFAIK you can tunnel IP over(at least):
1) HTTP(not just use port 80 for non HTTP traffic)
2) ICMP ...
3) DNS queries(needs an external "custom" cooperating DNS)
--
Rafi
More information about the NANOG
mailing list