|
Programs such as the Tiny VPN, Hamachi, PacketiX VPN, and
HTTP Tunnel nowadays pose a potential threat to the network
security when they are deployed on a secured network
segment. These programs utilize the tunneling
technologies, where the data transfers in and out of the
network are encrypted. This network behavior could place
possible security issues where malicious users can cause
information theft since the transferring processes cannot be
monitored due to encryptions. Especially the Hamachi program,
it is a combination of the tunneling and P2P technologies;
Hamachi bypass the access control of VLAN or different subnet
to allow user setup a peer-to-peer communications in the
private network. Program like these may pose a great
danger to a secured, corporate networking environment.
BroadWeb BSST has defined signatures for the above
mentioned tunnel programs:
|
Program |
Pattern version |
Signature Name |
|
PacketiX VPN |
3.47 |
#1052586_TUNNEL PacketiX VPN
connection attempt |
|
Hamachi |
3.46 |
#1052289_TUNNEL Hamachi login
attempt |
|
Tiny VPN |
3.46 |
#1052290_TUNNEL TinyVPN login
attempt |
|
HTTP tunnel |
3.50 |
#1052604_TUNNEL HTTP-Tunnel client
connection attempt |
If company policy does not allow the use of above tunnel
applications, please change the actions of this rule to drop
packets and reset connection in order to prevent possible
information leakage.
About BSST
Broadweb Security Service Team (BSST) - Empower Your
Network Security. Broadweb NetKeeper Intruder Prevention
System delivers the protection against intrusion, worms, DDOS,
Instant messaging, P2P, Web-Mail, and Web
Post. |
