[lug] HTTP Tunneling
dan at usrsbin.com
Thu Oct 5 22:20:43 MDT 2006
I have helped a friend set up a DansGuardian Proxy filtering system for
her school district in Missouri. The Firewall blocks all traffic to the
internet period. The only traffic allowed to the net is via the
DansGuardian Proxy server. When I say everything is blocked, I mean
everything. None of the common VPN protocols will work (IPSec, PPTP,
L2TP etc), HTTPS will not work, and I'm pretty sure that OpenVPN won't
work (I'm not 100% sure about this we would have to test).
I'm convinced the only way around the proxy server is via a CGI proxy
which we can deal with via DansGuardian, or by HTTP tunneling.
So my question to the list is:
Does anybody know an easy way to detect HTTP tunneling? I have never
used it before. At the moment I'm thinking the easiest way is to look
for long periods of large data transfers via HTTP. Am I on the right track?
I like to think of Jesus as an Ice Dancer, dressed in an all-white jumpsuit, and doing an interpretive dance of my life.
More information about the LUG