[ale] OT: ICMP Tunnel

Transam bob at verysecurelinux.com
Mon Jun 16 12:08:26 EDT 2003


On Sun, Jun 15, 2003 at 04:21:40PM -0400, Christopher Fowler wrote:

I must point out that implementing such a plan probably could be
interpreted as a criminal act to defraud.  I will assume that your
posting merely was for an intellectual exercise.  On that note,
depending on how clever they are with filtering, it would be easy
for someone with Linux network programming experience.

> On my trp to IL and MN, I ran into 2 instances of attempting to
> get fast internet access.  In both instances, I could ping a remote
> host but could do nothing else.  When I would fire up a browser, I
> would be directed to a page prompting me to pay X amount of dollars
> for short term access.  So I had a thought of building a tunnel that
> would create a VPN back to a host running a server for that tunnel.

> The idea is to use the data portion of the ICMP packet to store 
> a packet header plus data that should be redirected to a pppd 
> server running on both the client and the server.  Since ping was
> successful between the networks, This woul make it possible to 
> do a network tunnel using ICMP as the transport.  The only
> problem is that ICMP is not a reliable protocol so all the
> reliability will have to be built into the client and the
> server.  It will be a tad slower than paying the fee but far
> cheaper. 

> Any ideas?

> Chris

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list