- allowed port22/SSH outgoing
- Squid proxy on port443 and port80
- NAT support
- outgoing VPN allowed
SOCKS4/5 proxy
- using ssh -D8080 root@remote-host.com
- using proxifiers (HTTP/SOCKS) / stunnel-encrypt any TCP connection (single port service) over SSL
- (then use as SOCKS/HTTP proxy in btclient)
Bypassing SQUID
- HTTP CONNECT on specified FQDN peers (to bypass CONNECT to IPaddr filter). The peers are HTTP proxies.
- openvpn multiplexes on a single TCP/UDP port
- IPSec, security scheme on layer3/Network layer (OSI)/Internet layer
NAT on tcp/443
- all browser sessions use proxy
With most network administrators allowing only traffic via the network proxy or on selected, many applications have now the ability to use proxies to bypass these restrictions.
ReplyDeleteIt may be critical to detect the kinds of applications using their traffic patterns, instead of just relying on port information.