Regulate Tunnels for Enhanced Security

Have you ever operated a tunnel for your business network? Know the risk that could offset the anticipated benefits.

When a tunnel is used, it can evade a security device as it encrypts transmitted content so that the device cannot see all the data in transit.

Illustrating tunnel mode
Tunnel Mode

In HTTP tunnelling, the client, generally a browser running on a computer inside a network sends a request to a proxy using the CONNECT method. The proxy server opens the connection to the destination, sends the request, receives the response, and sends it back to the client.  All traffic is then tunnelled inside normal GET and POST requests and responses. An HTTP tunnel, therefore, allows access to programs on the internet without being monitored, though it uses plain text and will risk exposure of any activity sent to the target server.

The Secure Shell (SSH) tunnels reduce the risk of firewall blocking and protect you against eavesdropping. Secure Shell is a protocol that uses encryption to provide confidentiality, host-based authentication, and integrity protection. An SSH tunnel is a way to bypass firewalls that restrict access to outside servers. If, when accessing outside content, users are required to pass through a proxy filter, they can circumvent this by connecting an external SSH server, and create an SSH tunnel to forward a given port on their local machine to port 80 0n a remote server, provided port forwarding is enabled on the server.

A Virtual Private Network (VPN) is one among many applications that use a tunnel to encrypt data as it flows between your networked device and the Internet. Whereas the ideal intention is to enhance privacy, free VPNs on the contrary, can compromise your security through adware, backdoors, tracking of your online activity, and sale of personal browsing data to third parties.

Ways to Lessen the Threat of Tunnels

  1. Allow only preapproved software, and prefer it be installed by the administrator or network specialist.
  2. Only trust a licensed VPN for real privacy
  3. Close any unnecessary ports and services
  4. Use anti-virus and anti-malware programs
  5. Tune your devices to monitor for lengthy connections using port 80 as it may indicate an HTTP tunnel
  6. Inspect log files regularly and build statistics
  7. Prevent unwanted traffic by using an application proxy firewall
Share this

Leave a Comment

ABOUT AUTHOR

Scroll to Top
Chat with us
Chat with us
Questions, doubts, issues? We're here to help you!
Connecting...
None of our operators are available at the moment. Please, try again later.
Our operators are busy. Please try again later
:
:
:

The data collected by this form is used to get in touch with you. For more information, please check out our privacy policy
Have you got question? Write to us!
:
:

The data collected by the chat form is used to get in touch with you. For more information, please check out our privacy policy
This chat session has ended
Was this conversation useful? Vote this chat session.
Good Bad