“a technique to encapsulate one communication data stream inside of another, in order to extend the advantages of the latter to the former. Attackers will often tunnel a network protocol that would not be allowed to cross network boundaries inside of another that is allowed, defeating perimeter defenses.”

“[a] method for circumventing a firewall by hiding a message that would be rejected by the firewall inside a second, acceptable message.”
Typically, insecure, unencrypted traffic is tunneled within an encrypted connection. The normal services on the user’s computer remain available, but they run through the tunnel to the non-filtered computer, which forwards the user’s requests and their responses transparently.
- Web tunneling is software that restricts the tunneling to web traffic so that web browsers will function securely, but not other applications. Examples of web tunneling software include UltraReach, FreeGate, Anonymizer, Ghost Surf.
- Application tunneling is software that allows a user to tunnel multiple Internet applications, such as e-mail and instant message applications. Examples of application tunneling software include GPass, HTTP Tunnel, Relakks, Guardster/SSH.
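
The definitions above describe a disallowed protocol carried inside an allowed one. As an added example (not from the original page), the following sketch shows how a perimeter monitor can flag that mismatch by comparing the first client bytes of a flow with the protocol expected on its destination port. The port policy, the rule on CONNECT targets, and the sample flows are assumptions constructed for illustration.

```python
import re

# Assumed perimeter policy: protocol expected on each allowed outbound port.
EXPECTED = {80: "http", 443: "tls"}
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ", b"CONNECT ")
CONNECT_RE = re.compile(rb"^CONNECT \S+:(\d+) HTTP/1\.[01]\r\n")

def classify(payload: bytes) -> str:
    """Guess the application protocol from the first client bytes of a flow."""
    if payload.startswith(b"SSH-"):             # SSH identification string
        return "ssh"
    # TLS record header: type 0x16 (handshake), major version 3; byte 5 = 0x01 (ClientHello)
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls"
    if payload.startswith(HTTP_METHODS):
        return "http"
    return "unknown"

def tunnel_findings(flows):
    """Return (src, dport, reason) for flows that look like tunneled traffic."""
    findings = []
    for flow in flows:
        expected = EXPECTED.get(flow["dport"])
        if expected is None:
            continue                             # port not covered by this policy
        seen = classify(flow["payload"])
        if seen != expected:
            findings.append((flow["src"], flow["dport"], f"expected {expected}, saw {seen}"))
            continue
        m = CONNECT_RE.match(flow["payload"])
        if m and int(m.group(1)) != 443:         # CONNECT opens a raw TCP relay via the proxy
            findings.append((flow["src"], flow["dport"], f"CONNECT to port {m.group(1).decode()}"))
    return findings

# Constructed sample flows (first client payload of each connection).
SAMPLE_FLOWS = [
    {"src": "10.0.0.5", "dport": 443, "payload": b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x00"},
    {"src": "10.0.0.7", "dport": 443, "payload": b"SSH-2.0-OpenSSH_9.6\r\n"},
    {"src": "10.0.0.8", "dport": 80, "payload": b"GET /index.html HTTP/1.1\r\nHost: example.org\r\n\r\n"},
    {"src": "10.0.0.9", "dport": 80, "payload": b"CONNECT relay.example.net:22 HTTP/1.1\r\n\r\n"},
]

if __name__ == "__main__":
    for finding in tunnel_findings(SAMPLE_FLOWS):
        print(finding)
```

A first-bytes check only catches cleartext mismatches; traffic wrapped in a genuine TLS session passes it and has to be assessed with other signals such as destination reputation or flow duration and volume.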
- Practices for Securing Critical Information Assets, Glossary, at 58.