21C3 Schedule Release 1.1.7

21st Chaos Communication Congress
Lectures and workshops

Speakers
Picture of Alien8 Alien8
Picture of Maik Hentsche Maik Hentsche
Schedule
Day 3
Location Saal 4
Start Time 15:00 h
Duration 01:00
INFO
ID 40
Type Lecture
Track Hacking
Language english
FEEDBACK

Firewall Piercing

Creative exploitation of valid Internet protocols to get your data through obstacles

IT will be shown how IPv4 based protocols can be used to tunnel data through Firewalls while maintaining RFC compatibility. The goal is to show a broad spectrum of techniques. However, a few examples are presented in more detail.

In August we gave a lecture [0] about Firewalls in general as part of the "Themenabend" series [1] of the Chaostreff Dresden (c3d2) [2]. One of the topics covered was how to overcome obstacles introduced by Firewall systems. Techniques covered were tunnels over:

  • HTTP
  • HTTPS
  • SSH
  • ACKs
  • DNS
  • ICMP
  • Hiding data in TCP headers

We've spend quite some time since to further explore and improve those methods. We would like to present and discuss them on 21C3. The audience is expected to be familiar with IPv4 based protocols such as ICMP, TCP, HTTP and so on.