HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
 Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > SSL VPN connection multiplexing techniques
Go to: HSC Trainings
Search:  
 Version française
   Services   
o Skills & Expertise
o Consulting
o ISO 27001 services
o Vulnerabilities monitoring
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o ARJEL
o Training courses
o E-learning
   Conferences   
o Agenda
o Past events
o Tutorials
   Resources   
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
   Company   
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
 communication 		  
o HSC Newsletter
o Press review
o Press releases
o Publications
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|SSL VPN connection multiplexing techniques  
> Access to the content HTML Beginning of the presentation
PDF PDF version [600 KB]  
> Description Describing non-standard techniques usually implemented by vendors in order to multiplex generic protocols (SOCKS-based techniques, HTTP encapsulation and PPP/SSL encapsulation) in a single tunnel, and how they bypass Firewalls (CONNECT HTTP method) to achieve this objective. Describing demonstrations of tools (ssldump, httptunnel etc.) used to understand SSL VPN internals. (30 min)  
> Context & Dates Talk presented during Upperside SSL VPN Conference 2005, on 7 April 2005.
 
> Author Franck Davy  
> Type [ English - HTML ]  
> Abstract &
Table of content		 Flyleaf
Agenda
Proprietary IPsec Solutions
Port Forwarding
Tunnel management protocols
HTTP Tunneling Filtering
SSL VPN traffic analysis
Conclusion
References  
> Related documents
themeVPN (Virtual Private Networks)
[Tool]  SSToPer tool [A Linux implementation for SSTP client - English]
[Presentation]  Tunnels detection at network border [2 June 2006 - French]
[Article]  Détection de tunnels aux limites du périmètre [2 June 2006 - French]
[Presentation]  SSLtunnel for Windows [22 September 2004 - French]
[Presentation]  SSLTunnel : VPN for roadwarriors [4 February 2004 - French]
[Tool]  SSLTunnel tool [PPP VPN on SSL - English]
[Presentation]  IP VPN with IPsec tunnels [12 September 2001 - French]
[Presentation]  How to insert VPNs in existing security architectures? [29 September 1999 - French]
[Presentation]  Protocols for tunneling and network security [29 September 1999 - French]
[Presentation]  Encrypted tunnels with Linux [18 June 1999 - French]
themeSSL (Secure Socket Layer)
[Course]  Data Exchanges Security: IPsec, SSL, SSH
[Presentation]  Tunnels detection at network border [2 June 2006 - French]
[Article]  Détection de tunnels aux limites du périmètre [2 June 2006 - French]
[Presentation]  Firewalls are not dead [10 May 2005 - French]
[Presentation]  SSLtunnel for Windows [22 September 2004 - French]
[Tip]  FTP over SSL [2 August 2004 - ]
[Presentation]  SSLTunnel : VPN for roadwarriors [4 February 2004 - French]
[Tool]  SSLTunnel tool [PPP VPN on SSL - English]
[Tip]  HTTP/HTTPS authentication methods [10 March 2003 - French]
[Presentation]  OpenSSL and applications of OpenSSL [6 November 2002 - French]
[Presentation]  Monkey in the Middle Attacks against SSH and HTTPS [23 January 2002 - French]
[Tip]  Apache: Virtual hosts and SSL (mod_ssl) [21 December 2001 - French]
[Tip]  Using OpenSSL for SSL/TLS applications [21 December 2001 - French]
[Tip]  Why HTTPS is not web security [7 May 2001 - English]
[Presentation]  Monkey in the middle attacks against SSH and HTTPS [6 February 2001 - French]
[Tip]  Instaling postfix with TLS (secure mail server) [30 November 2000 - French]
[Presentation]  Network encryption: IPsec, SSL, SSH [26 September 2000 - English]
[Presentation]  SMTP-TLS: Towards securing SMTP [11 September 2000 - French]
[Presentation]  Network Encryption: IPsec, SSL, SSH [26 April 2000 - French/English]
[Presentation]  Network Security with Linux: SSL, IPsec, SSH [1 February 2000 - French]
[Presentation]  Secure Socket Layer (SSL) [22 April 1997 - French]
themeSSH (Secure SHell)
[Course]  Data Exchanges Security: IPsec, SSL, SSH
[Tip]  OpenSSH client for ease, fun and ... profit [21 August 2007 - French/English]
[Tip]  SSH and X11 forwarding [27 September 2004 - ]
[Presentation]  Monkey in the Middle Attacks against SSH and HTTPS [23 January 2002 - French]
[Tip]  Remote administration of Windows systems (Part 1) - SSH [19 November 2001 - French]
[Tip]  Installing OpenSSH under Solaris [29 October 2001 - French]
[Tip]  Chrooting an account with OpenSSH [23 April 2001 - French]
[Tip]  Secret SSH [20 April 2001 - French]
[Presentation]  Monkey in the middle attacks against SSH and HTTPS [6 February 2001 - French]
[Presentation]  Network encryption: IPsec, SSL, SSH [26 September 2000 - English]
[Presentation]  Network Encryption: IPsec, SSL, SSH [26 April 2000 - French/English]
[Presentation]  Network Security with Linux: SSL, IPsec, SSH [1 February 2000 - French]
[Presentation]  Encrypted tunnels with Linux [18 June 1999 - French]
[Presentation]  SSH - Secure SHell [13 September 1995 - French]
themeWeb
[Course]  Web Servers and applications Security
[Tool]  Webef tool [Bruteforcer of web server files and directories - English]
[Presentation]  Webshells, or how to open your network's doors ? [21 October 2010 - French]
[Presentation]  JBoss AS: exploitation and reassure [11 June 2010 - French]
[Presentation]  Webshells, or how to open your network's doors ? [16 March 2010 - French]
[Presentation]  Webshells, real threat for information systems ? [1 December 2009 - French]
[Presentation]  Security issue seen in enterprises web applications [27 November 2008 - French]
[Presentation]  Application security [23 October 2008 - French]
[Presentation]  Feedback from PHP applications assessment [21 November 2007 - French]
[Presentation]  Evolution of Cross-Site Request Forgery Attacks [1 June 2007 - French]
[Presentation]  Encrypting hostile Web content over HTTP [31 May 2007 - French]
[Presentation]  Web 2.0 : more ergonomic... and less secure ? [22 May 2007 - French]
[Tip]  Configuring and using modsecurity2 [24 April 2007 - French]
[Tip]  Presentation of Apache ModSecurity module [14 June 2006 - French]
[Presentation]  Database and ERP security [15 June 2005 - French]
[Presentation]  PHP and security [27 November 2003 - French]
[Presentation]  Web Services and Security [10 September 2003 - French]
[Tip]  HTTP/HTTPS authentication methods [10 March 2003 - French]
[Presentation]  The cross-site scripting [27 February 2003 - French]
[Presentation]  DBMS and security [1 April 2002 - French]
[Presentation]  Apache and web servers security [1 February 2002 - French]
[Tip]  Implementing filtering on a reverse HTTP proxy using mod_eaccess [3 September 2001 - French]
[Tool]  Subweb tool [HTTP reverse proxy - English]
[Tool]  Babelweb tool [Automatic information retrieving from of a web server - English]
[Tip]  Universal CGI wrapper [5 August 2001 - French]
[Tip]  Why HTTPS is not web security [7 May 2001 - English]
[Tip]  Filtering URLs in a reverse proxy [5 May 2001 - French]
[Presentation]  Hacking web servers [14 March 2001 - French]
[Tip]  Why a reverse proxy [13 February 2001 - French]
[Tip]  Apache as a reverse proxy [11 November 2000 - French]
[Presentation]  Secure internet services (email, DNS, web) under Linux [26 September 2000 - English]
[Presentation]  Secure internet services (email, DNS, web) under Linux [26 April 2000 - French/English]
[Presentation]  Secure Internet services (email, DNS, web) under Linux [1 February 2000 - French]
[Techno-watch]  Netscape [16 January 1996 - French]
themeNetwork Security
[Presentation]  Forcasting in French cyberdefence doctrines [24 November 2010 - French]
[Presentation]  IPv6 Networks Discovery [30 May 2007 - French]
[Presentation]  IPv6: Network Security Threats [15 November 2006 - English]
[Presentation]  IPv6: impacts and threats [14 November 2006 - French]
[Presentation]  Manage IS security of wide enterprise [12 April 2005 - French]
[Presentation]  Stakes of network security [31 March 2005 - French]
[Presentation]  Ethereal: an open-source network analyzer and a must-have security tool [2 February 2005 - French]
[Presentation]  Network security stakes [14 October 2004 - French]
[Techno-watch]  CanSecWest 2002 Conference [4 May 2002 - French]
[Presentation]  Network security: Introduction and Bluetooth [9 November 2000 - French]
[Article]  Networks Security [25 July 2000 - French]
[Presentation]  Policy managment for network security [29 May 2000 - French]
[Presentation]  Firewalls, protection and supervision, VPNs: situation of the security tools market [20 January 2000 - French]
[Course]  TCP/IP Networks Security [25 November 1999 - French]
[Presentation]  Network security: intrusion risks and countermeasures [18 November 1999 - French]
[Presentation]  Network security techniques [6 March 1997 - French]
> Copyright © 2005, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 8 April 2005 at 17:39:46 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants