[lug] HTTP Tunneling

Zan Lynx zlynx at acm.org
Fri Oct 6 10:35:51 MDT 2006

On Thu, 2006-10-05 at 22:20 -0600, Dan Ferris wrote:
> Dear List,
> I have helped a friend set up a DansGuardian Proxy filtering system for 
> her school district in Missouri.  The Firewall blocks all traffic to the 
> internet period.  The only traffic allowed to the net is via the 
> DansGuardian Proxy server.  When I say everything is blocked, I mean 
> everything.  None of the common VPN protocols will work (IPSec, PPTP, 
> L2TP etc), HTTPS will not work, and I'm pretty sure that OpenVPN won't 
> work (I'm not 100% sure about this we would have to test).
> I'm convinced the only way around the proxy server is via a CGI proxy 
> which we can deal with via DansGuardian, or by HTTP tunneling.
> So my question to the list is:
> Does anybody know an easy way to detect HTTP tunneling?  I have never 
> used it before.  At the moment I'm thinking the easiest way is to look 
> for long periods of large data transfers via HTTP.  Am I on the right track?

Hey, you just gave me a cool idea for a web browser browser using
AJAX. :)

Use XMLHTTPRequest to get the pages from a cooperating remote web server
gateway, which wraps them up and encodes them.  Then the Javascript on
the client unwraps the pages and removes the encryption and drops the
whole page in a "frame".

It'd be cool.

For even better security transmit the data as steganography in pictures
of puppies, although I am not sure how XMLHTTPRequest reacts to non
Zan Lynx <zlynx at acm.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20061006/baa48312/attachment.pgp>

More information about the LUG mailing list