New MS VPN Protocol - or new backdoor covert channel?
blog.securitybalance.com
I've just read in Network World that MS is developing a new VPN protocol that works over HTTP, to avoid the known problems of making tunnels work through networks with NAT, firewalls and Proxies in place. I don't question the need for this when talking about the tunnel functionality. The SSL VPNs grew so much exactly to address these questions. In fact, the article in NW mentions that it will be a SSL VPN. However, I can already see problems with malware using it as covert channel to communicate with its master. Being a encrypted protocol, chances of detection by network monitoring will be very low.
New MS VPN Protocol - or new backdoor covert channel?
New MS VPN Protocol - or new backdoor covert…
New MS VPN Protocol - or new backdoor covert channel?
I've just read in Network World that MS is developing a new VPN protocol that works over HTTP, to avoid the known problems of making tunnels work through networks with NAT, firewalls and Proxies in place. I don't question the need for this when talking about the tunnel functionality. The SSL VPNs grew so much exactly to address these questions. In fact, the article in NW mentions that it will be a SSL VPN. However, I can already see problems with malware using it as covert channel to communicate with its master. Being a encrypted protocol, chances of detection by network monitoring will be very low.