'Preventing' HTTP Tunneling
  Direct HTTP for http://www.example.com/
  $ nc www.example.com 80
  GET / HTTP/1.0
  Host: www.example.com
  HTTP/1.1 200 OK
  Date: Thu, 25 Sep 2003 20:30:00 GMT
  Server: Apache
  Content-Length: 5773
  Connection: close
  Content-Type: text/html; charset=iso-8859-1
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
   "http://www.w3.org/TR/REC-html40/loose.dtd">
  ...

Copyright 2003, Bri Hatch of Onsight, Inc.

Presented at SecureWorld Expo, 2003.

Presentation created using vim and MagicPoint.