Bypassing Firewalls Using ICMP-Tunnel

Users on a computer network often feel constrained by all the security measures in place (firewalls, proxy servers, router access lists…). These measures are very important for protecting users, but even when all of these perimeter controls are installed there is still a good opportunity to bypass them.

Usually there are some standard protocols that are allowed on any network (HTTP/HTTPS, SMTP, POP…), and even for these protocols traffic does not go directly to the outside network: it passes through NAT over gateways that scan and block non-legitimate packets.

The ICMP protocol is used by system administrators to send error messages, indicating, for instance, that a requested service is not available or that a host or router could not be reached. Because ICMP is required and does not pose a big threat from a security perspective, you can find it enabled on most networks.

There are now many programs that allow a user to create an ICMP tunnel for full access to the Internet, such as Simple ICMP tunnel, ICMP Shell and PingTunnel. ICMP tunneling works by injecting arbitrary data into an echo packet sent to a remote computer. The remote computer replies in the same manner, injecting an answer into another ICMP packet and sending it back. As a result, the client performs all communication using ICMP echo request packets.

What I suggest is to use Ping Tunnel (ptunnel) by Daniel Stødle, which provides the following functionality:

* Tunnel TCP using ICMP echo request and reply packets
* Connections are reliable
* Handles multiple connections
* Acceptable bandwidth (150 kb/s downstream and about 50 kb/s upstream)
* Authentication to prevent others from using the proxy.

You will need two machines running ptunnel: one is the client and the second is the ICMP proxy server. On the client:

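# ./ptunnel -p <proxy address> -lp <listen port> -da <destination address> -dp <destination port> [-c <network device>] [-v <verbosity>] [-f <logfile>] [-u] [-x password]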

On the proxy server:

# ./ptunnel [-c <network device>] [-v <verbosity>] [-f <logfile>] [-u] [-x password]

For example:

# ./ptunnel -p 192.168.X.X -lp 4567 -da HomeserverIP -dp 80

Do not forget to configure your browser's proxy settings to localhost on port 4567 and to set the password on both sides for authentication. You can use ptunnel for other TCP protocols such as SSH or POP; the most important thing is to change the port value accordingly. The only negative point of ICMP tunneling is that the bandwidth is not perfect, but it is acceptable.
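Because the tunnel described above carries its data inside echo payloads, a network monitor can spot it: RFC 792 requires an echo reply to return the request's data unchanged, and ordinary pings carry small fixed payloads. The Python below is an added example, not part of the original post or of ptunnel; the function names, the 64-byte threshold and the sample messages are assumptions constructed for illustration.

```python
import struct
from collections import namedtuple

ECHO_REPLY, ECHO_REQUEST = 0, 8
# Assumption: default pings carry 32 (Windows) or 56 (Linux) data bytes.
MAX_PING_PAYLOAD = 64

Echo = namedtuple("Echo", "type ident seq payload")

def parse_echo(icmp: bytes):
    """Parse an ICMP message (IP header already stripped); None if not an echo."""
    if len(icmp) < 8:
        return None
    mtype, code, _cksum, ident, seq = struct.unpack("!BBHHH", icmp[:8])
    if mtype not in (ECHO_REQUEST, ECHO_REPLY) or code != 0:
        return None
    return Echo(mtype, ident, seq, icmp[8:])

def find_tunnel_indicators(messages):
    """Return (index, reason) pairs for echo traffic that looks like a tunnel."""
    pending = {}    # (ident, seq) -> payload of the outstanding request
    findings = []
    for i, raw in enumerate(messages):
        echo = parse_echo(raw)
        if echo is None:
            continue
        key = (echo.ident, echo.seq)
        if len(echo.payload) > MAX_PING_PAYLOAD:
            findings.append((i, "oversized payload"))
        if echo.type == ECHO_REQUEST:
            pending[key] = echo.payload
        elif key not in pending:
            findings.append((i, "reply without request"))
        elif pending.pop(key) != echo.payload:
            # RFC 792: the reply must echo the request's data unchanged.
            findings.append((i, "reply payload differs from request"))
    return findings

def build(mtype, ident, seq, payload):
    """Build a constructed sample message (checksum left as zero)."""
    return struct.pack("!BBHHH", mtype, 0, 0, ident, seq) + payload

# Constructed sample traffic: one normal ping, then a tunnel-like exchange.
PING = bytes(range(56))
SAMPLE = [
    build(ECHO_REQUEST, 1, 1, PING),
    build(ECHO_REPLY, 1, 1, PING),
    build(ECHO_REQUEST, 2, 1, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    build(ECHO_REPLY, 2, 1, b"HTTP/1.1 200 OK\r\n" + b"A" * 200),
]

if __name__ == "__main__":
    for index, reason in find_tunnel_indicators(SAMPLE):
        print(index, reason)
```

In a deployment the messages would come from a capture with the IP header stripped, and the size threshold would be tuned to the ping implementations actually in use on the network.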

  • http://www.pinoyden.com.ph/ Pinoy

    Just found an app for Android that can create a VPN connection using ICMP or ping. It is called DroidVPN http://droidvpn.com/