HTTP Tunneling allows access to programs on the internet without being monitored. Lisa Bock compares HTTP tunnels to true tunnels such as L2TP, Teredo, or IPSec. Discover that an HTTP tunnel doesn’t encapsulate within the HTTP protocol, but sends contents over port 80, and can evade security devices.
- View Offline
- [Voiceover] When thinking of a tunnel,…we think of a tunneling protocol…such as Teredo or 6to4 tunneling for dual stack.…Let's take a look.…I'm at this webpage which is Cloud Shark,…and this is a small packet capture that…illustrates the use of Teredo.…I'll place my cursor down here just to highlight here…Teredo IP version 6 over UDP tunneling.…And what this is, is this enables…an IP version 4, an IP version 6 network, to coexist,…but we have to tunnel one within the other.…
So if we take a look here,…I'll aim my cursor right here,…we see IP version 6, but tucked within it…we see the other header which is IP version 4.…So that's one example of tunneling.…We might also think of tunneling such as IPSec,…Layer 2 Tunneling Protocol, or SSL for encryption.…When a true tunnel is used, it may evade a security device…as it's going to glance over the outer IP layer…and not examine the inside.…
In addition, if the tunnel encrypts the content,…the device can't see the contents at all.…An HTTP tunnel allows access to programs…
This course investigates the scanning tools and techniques used to obtain information from a target system, including specially crafted packets, TCP flags, UDP scans, and ping sweeps. Lisa Bock discusses how hackers can identify live systems via protocols, blueprint a network, and perform a vulnerability scan to find weaknesses. She also introduces some of the tools and techniques that hackers use to counter detection via evasion, concealment, and spoofing. In addition, learn how to reduce the threat of tunneling, a method hackers use to circumvent network security.
Note: Our Ethical Hacking series maps to the 18 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50). This course maps to the 03 Scanning Networks domain.
- Scanning overview
- Port scanning countermeasures
- Scanning and querying DNS
- Scanning with ICMP
- Mapping (or blueprinting) a network
- Scanning for vulnerabilities
- Using tools such as hping and NetScan
- Evading detection
- Concealing your network traffic
- Preventing tunneling