Mitigating Port Redirection Attacks

Mitigating port redirection requires the use of good trust models. Trust models can be implemented by proper access restrictions between hosts. As long as there is an implicit trust between hosts that is based on IP addresses, the problem of port redirection will not be solved. A host-based IPS can be used to detect and possibly prevent an attacker who is trying to install port redirection software, such as HTTPtunnel or NetCat, for use in a port redirection attack.

In Figure 9-3, the firewall permits any machine on the Internet to connect to the web server on the DMZ. Additionally, the firewall permits all traffic from the DMZ into the internal LAN and permits all traffic from the DMZ to the Internet. Finally, the firewall permits all traffic from the internal LAN going out.

Figure 9-3. Port Redirection Attack
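
The policy described for Figure 9-3 can be audited mechanically. The following is an added example, not part of the original text: it encodes the rules as stated and reports both the all-traffic rule into a more trusted zone and the Internet-to-LAN chain that rule creates. The zone names, the trust ranking, the `web`/`any` service labels and the `RESTRICTED` policy are assumptions made for illustration.

```python
from collections import deque

# Assumed trust ranking of the zones in Figure 9-3 (higher = more trusted).
TRUST = {"internet": 0, "dmz": 1, "internal": 2}

# Firewall policy as the text describes it: (source, destination, service).
# "web" = the DMZ web server's port, "any" = all traffic (labels assumed).
FIGURE_9_3 = [
    ("internet", "dmz", "web"),
    ("dmz", "internal", "any"),
    ("dmz", "internet", "any"),
    ("internal", "dmz", "any"),
    ("internal", "internet", "any"),
]

# Assumed tightening (not from the page): the DMZ may no longer open
# connections into the internal LAN.
RESTRICTED = [r for r in FIGURE_9_3 if r[:2] != ("dmz", "internal")]


def implicit_trust(rules):
    """Rules letting a less trusted zone send all traffic to a more trusted one."""
    return [r for r in rules if r[2] == "any" and TRUST[r[0]] < TRUST[r[1]]]


def relay_paths(rules, src, dst):
    """Zone chains from src to dst that pass through at least one
    intermediate zone, the precondition for port redirection."""
    found, queue = [], deque([[src]])
    while queue:
        path = queue.popleft()
        for s, d, _svc in rules:
            if s != path[-1] or d in path:
                continue  # rule does not extend this path, or would loop
            if d == dst:
                if len(path) > 1:  # at least one relay hop
                    found.append(path + [d])
            else:
                queue.append(path + [d])
    return found


if __name__ == "__main__":
    for name, policy in (("Figure 9-3", FIGURE_9_3), ("restricted", RESTRICTED)):
        print(name, implicit_trust(policy),
              relay_paths(policy, "internet", "internal"))
```
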