[pptp-server] Bypassing the firewall

Joey Coco anesthes at cisdi.com
Sat Aug 18 22:16:45 CDT 2001 

Hello,

Well thats kind of the whole idea behind a VPN..  Unfortunately a VPN
is a "hole" and holes can be exploited. 

-- Joe

On Sat, 18 Aug 2001, Stan A. Rogge wrote:

> Isn't the purpose of your company's firewall to prevent exactly what your trying to do?
> 
> If you are successful bringing up an external Network link into the middle of your company's internal network, isn't your company's Network Security compromised?
> 
> ----- Original Message ----- 
> From: "Sexy Boy" <Sexy-Boy at NetCourrier.Com>
> To: <pptp-server at lists.schulte.org>
> Sent: Saturday, August 18, 2001 4:38 PM
> Subject: [pptp-server] Bypassing the firewall
> 
> 
> > Hi,
> > 
> > I have a litlle (big for me :-) problem and if some can help me it would be
> > cool. So this is my problem :
> > 
> > At home, i configure a PPTP server on my linux box and it is working fine.
> > 
> > At my office, i would like to connect my NT 4.0 Workstation to my linux
> > server but the problem is the firewall which allows only connection to port
> > 21, 25, 80, 110, 443 but not 1723 ! (There is no way to change the firewall
> > setting because it's managed by an external company and i can't ask them to
> > change anything !)
> > 
> > So what i'm trying to do is bypass the firewall with port redirection :
> > 
> > On my NT 4.0       : i redirect local port 1723 to the remote port 443 on my
> > linux box
> > On my Linux server : i redirect local port  443 to local port 1723
> > 
> > So if i want to connect to my Linux server on port 1723, i configure the RAS
> > to connect to localhost:1723 which is redirect to remote:443 (this bypass
> > the firewall) => redirect to linux:1723.
> > 
> > The redirection is OK because i see the packet to my linux server (with
> > tcpdump).
> > The problem is that my Linux server considers that a local connection is
> > attempted and refuse the connection !!!
> > 
> > So my question is : Is there a way to allow local connection to a PPTP
> > server (local connection = server and client on the same machine like FTP or
> > HHTP) ?
> > 
> > Thanks a lots,
> > Francois.
> > 
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > --- To unsubscribe, go to the url just above this line. --
> > 
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
> 

_____________________________________________________________________________
"I will never engage myself in a corperation backed by a religion, making 
tax free profits while standing behind the protection of a execution symbol.
I will never allow myself to be lured by the perversion of priesthood.
I will never sit and watch my brothers starve in poverty living on the steps
of a so-called house of god, nor will I ever call someone my father who is 
not closer than a stranger.." 
-----------------------------------------------------------------------------
http://members.cisdi.com/~anesthes/  AIM:imd3fc0n  IRC:irc.epix.net #mac defcon

More information about the pptp-server mailing list