The Hole in Your Firewall
Your firewall is a major component of your internet security strategy.
Firewalls provide many of the security features you need in order to
protect your network. However, if you want to use the web you must keep
ports 80 and 443 open. Firewalls can help you by preventing outgoing
connections to rogue web sites if the IPs of such sites are defined in the
firewall's rules. However, most firewalls, if not all, do not examine
encrypted packets passing in either direction through ports 80 and 443.
Firewalls are also incapable of stopping "Distributed Hash Table" (DHT)
routed packets, since DHT does not use IPs. Firewalls were sufficient in the
past, when other protocols and circumventing proxies did not use ports 80
and 443 for communication.
The hole in your firewall was created by the technical development of
protocols (such as Gnutella, KaZaA, and BitTorrent) and circumventing
proxies that intentionally use ports 80 and 443 to evade your firewall and
render it ineffective. P2P protocols mask packets by encryption and the use
of DHT. DHT eliminates the possibility of firewall blocking based on a
specific destination IP, since DHT does not use any IPs in its communication.
In order for a firewall to stop those encrypted packets, it must be able to
decrypt them. Firewalls lack that ability because decrypting with a
man-in-the-middle strategy is impractical: the latency added by the
decryption function impairs the functionality of the whole network.
SO YOU HAVE A HOLE IN YOUR FIREWALL. Encrypted DHT packets generated by
circumventing proxies and P2P protocols can pass through ports 80 and 443
with unknown payloads, uninspected and unchallenged by your network
firewall.
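As an added illustration (not part of the original article, and not any vendor's product code): one check a perimeter device can still run without decrypting anything is to verify that what enters ports 80 and 443 actually begins like an HTTP request or a TLS handshake, and to flag everything else, including the bencoded KRPC messages that BitTorrent's DHT uses. DHT messages are carried in ordinary IP packets, so a device that sees payloads can recognize them by shape even though it cannot see what a genuine TLS session carries. The flows, IP addresses, byte strings and port policy below are constructed for the example.

```python
import re

# Minimal bencode decoder (the encoding used by BitTorrent KRPC/DHT messages).
# Returns (value, next_index); raises ValueError on malformed or truncated input.
def _decode(data: bytes, i: int = 0):
    c = data[i:i + 1]
    if c == b"i":                                  # integer: i<digits>e
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c == b"l":                                  # list: l<items>e
        items, i = [], i + 1
        while data[i:i + 1] != b"e":
            item, i = _decode(data, i)
            items.append(item)
        return items, i + 1
    if c == b"d":                                  # dict: d<key><value>...e
        result, i = {}, i + 1
        while data[i:i + 1] != b"e":
            key, i = _decode(data, i)
            val, i = _decode(data, i)
            result[key] = val
        return result, i + 1
    if c.isdigit():                                # byte string: <len>:<bytes>
        colon = data.index(b":", i)
        length = int(data[i:colon])
        start = colon + 1
        if start + length > len(data):
            raise ValueError("truncated string")
        return data[start:start + length], start + length
    raise ValueError("not bencode")

HTTP_REQUEST_LINE = re.compile(rb"^[A-Z]{3,7} \S+ HTTP/1\.[01]$")

def classify_payload(payload: bytes) -> str:
    """Classify the first bytes of a flow by protocol shape, without decryption."""
    # TLS record: content type 0x16 (handshake), version 0x03xx, then a
    # handshake header whose type byte 0x01 is ClientHello.
    if (len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03
            and payload[2] <= 0x04 and payload[5] == 0x01):
        return "tls-client-hello"
    first_line = payload.split(b"\r\n", 1)[0]
    if HTTP_REQUEST_LINE.match(first_line):
        return "http"
    if payload[:1] == b"d":                        # bencoded dict, maybe KRPC
        try:
            msg, _ = _decode(payload)
        except (ValueError, IndexError):
            msg = None
        # A KRPC message is a dict with a transaction id 't' and a message
        # type 'y' of query, response or error.
        if isinstance(msg, dict) and b"t" in msg and msg.get(b"y") in (b"q", b"r", b"e"):
            return "bencode-krpc"
    return "unknown"

# Policy for this example: each open web port is expected to carry one protocol.
EXPECTED = {80: "http", 443: "tls-client-hello"}

def audit_flows(flows):
    """Return (src, dst, dport, verdict) for web-port flows whose first payload
    bytes are not the protocol that port was opened for."""
    alerts = []
    for f in flows:
        expected = EXPECTED.get(f["dport"])
        if expected is None:
            continue                               # not a web port; out of scope
        verdict = classify_payload(f["payload"])
        if verdict != expected:
            alerts.append((f["src"], f["dst"], f["dport"], verdict))
    return alerts

# Constructed sample payloads (not captured traffic).
TLS_HELLO = b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x00"        # handshake/ClientHello header
HTTP_GET = b"GET /index.html HTTP/1.1\r\nHost: example.invalid\r\n\r\n"
KRPC_PING = b"d1:ad2:id20:" + b"A" * 20 + b"e1:q4:ping1:t2:aa1:y1:qe"
OPAQUE = b"\x93\x1f\xaa\x00\x00\x00\x00\x01"

# Constructed sample flows using documentation address ranges.
SAMPLE_FLOWS = [
    {"src": "10.0.0.5", "dst": "203.0.113.10", "dport": 443, "payload": TLS_HELLO},
    {"src": "10.0.0.6", "dst": "203.0.113.11", "dport": 80, "payload": HTTP_GET},
    {"src": "10.0.0.7", "dst": "198.51.100.20", "dport": 443, "payload": KRPC_PING},
    {"src": "10.0.0.8", "dst": "198.51.100.21", "dport": 80, "payload": OPAQUE},
    {"src": "10.0.0.9", "dst": "198.51.100.22", "dport": 6881, "payload": KRPC_PING},
]

if __name__ == "__main__":
    for src, dst, dport, verdict in audit_flows(SAMPLE_FLOWS):
        print(f"ALERT {src} -> {dst}:{dport} looks like {verdict}, not {EXPECTED[dport]}")
```

The two flagged flows are the DHT ping sent to port 443 and the opaque bytes sent to port 80; the first two flows match their port's protocol and the KRPC message on port 6881 is outside the web-port policy. A real TLS session that tunnels DHT or P2P data inside it would pass this check, which is the limitation the text is about; the check narrows the hole to traffic that is genuinely TLS rather than merely using a web port.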
How Dangerous Is This Firewall Hole?
Internet protocols such as Gnutella, BitTorrent, KaZaA, LimeWire, etc., and
circumventing proxies enjoy an almost virus-like popularity as an easy means
of sharing music and video files with other media enthusiasts.
Unfortunately, they can also share sensitive corporate and personal data
with strangers around the block, the country or the world. Real-life studies
show millions of data breaches caused by the unchallenged passage of
encrypted and/or DHT packets created by these protocols through ports 80 and
443. Data breaches are an everyday occurrence on the internet. Information
leakage and data breaches are very expensive, embarrassing, and may lead to
criminal prosecution, statutory damages, forfeiture of network equipment and
restitution to victims.
Another major and catastrophic consequence of allowing unchallenged
encrypted DHT packets through ports 80 and 443 is botnets and malware.
Botnet and virus authors use the hole in your firewall to embed viruses and
botnet agents in encrypted DHT packets sent through ports 80 and 443,
because they know that you cannot stop those packets. Your current antivirus
and anti-malware defenses cannot capture the embedded, encrypted viruses and
botnet code. Your network is exposed to the most dangerous risk on the
internet.
Another major problem caused by the inability to inspect encrypted DHT
packets through ports 80 and 443 is network congestion. DHT causes network
delays and congestion for two reasons. The first is that DHT is an overlay
routing scheme that is NOT compatible with standard internet routing; as a
result, major congestion occurs because of the disruption DHT causes to
routing. The second is the massive size (in GBs) of the digital data shared
through DHT when the packets are generated by a file-sharing protocol.
The hole in your firewall is getting bigger each day, threatening the very
survival and security of your network. No other security device can stop
this threat, including IDS (intrusion detection), IPS (intrusion
prevention), packet shapers, web scrubbers, etc. Protection from this
threat is available NOW.