Skype-Style Firewall Busting

Please check out “Skype-Style Firewall Busting with Ruby and UDP”.

I am not a security expert. Therefore, this question may be foolish. I wonder, might we let an incoming permission to "any"ware by this way while using CFP? I seems, at least, we do this for Skype.

aXes

he-he, thanks aXes, at least now I know why my Skype works although all ports for incoming are closed and ShieldsUp! confirms that my PC “has achieved a perfect “TruStealth” rating” :slight_smile:

I don’t think that’s anything new… most 3rd-party remote-access applications/services (logmein, gotomypc, etc) use this type of technique to avoid firewall conflicts, and not have to have dedicated open ports such as for p2p apps. A service runs on the local machine which establishes an outbound connection to the remote machine. When the remote machine responds, it is responding to an already-established connection so that it’s not an unsolicited inbound traffic.

It shouldn’t be a huge security breach, provided that you don’t leave it running all the time with an open connection. Reason being, there should be secure authentication going on to validate both ends of the connection. If you are ever concerned about that, fire up a packet sniffer and watch the traffic.

LM

You are welcome!

Skype is useful and well known product. But others we do not know?

aXes

Thanks for advice :slight_smile:

aXes

Radmin runs, depending upon your choice, either as a service or manually.

It is of course advisable not to run it as a service or, if you have to, to connect through a VPN (Hamachi works fine for that, but creates a specific 5.x range ip virtual adapter, which sometimes can fool your network connexions if you let it have priority over your normal adapter).

In both circumstances, your firewall will alert you, in the first case for the radmin connexion, in the second for the hamachi connexion, although it is supposed to come from your vpn that you will parameter only for that purpose.

Last, but not least, most of the remote control use a default port, well known by everyone, including hacking robots: the first thing to do is to change the default port.

Hi Guys,

That is called UDP Hole Punching which is used to establish end to end connections between two peers both of which behind a NAT. It is not something that can be used to leak data or anything. It is a very good way to establish an end to end tunnel without receiving any incoming connections hence making stateful inspection firewalls like CFP happy:) We have a similar tool using the same technique to be released soon :slight_smile:

No worries,
Egemen

Hi Egemen,

Thanks for kindly replying. And it is joyful to hear enhancements about Comodo.

aXes