A tunneling protocolย is used to move data across networks using a communications protocol. Information flows between devices and networks over the Internet usingย point-to-point tunneling protocols which are generally divided into two parts having rules of transmission and the actual transmitted data.
Tunneling protocols use encapsulation to transmit a packet with a datagram and another data packet creating a secure tunnel for transmission between two points on any network. Effectively it repackages and hides the data being transmitted with encryption.
A variety of protocols use the public network, like the internet, to send private network data by creating a VPN (Virtual Private Network), making its transmissions more secure, especially when using unencrypted data. Popular protocols include IPsec (GPRS tunneling protocol), ย SSH (Secure Socket tunneling protocol ), PPTP (Point-to-Point Tunneling Protocol), etc, with each protocol being tailor-made for a specific and different tunneling task/purpose.
Because a datagram is used to hide packets of information, tunneling protocols become tools of immense benefits or misuse too. Poorly configured firewalls are easily overcome by enclosing the blocked protocols within an unblocked protocol to get past the firewall.
Such use/misuse of the tunneling protocols makes tasks like warding off potential attackers difficult. Deep packet inspection uses network infrastructure to look for the datagram, including suspicious behaviour and data, while egress and ingress filtering checks for the destination address. Thus tunneling protocolsย may pose a potential threat that needs to be blocked and addressed by IT and networking professionals who configure security protocols to be applied to data sent using a known tunnel through a VPN.
Some of the ways to use/misuse tunneling protocols are
Thus, to establish a connection, one needs to understand the tunneling protocol stack, networks, and both sets of protocols applied to delivery and payload.
GRE-Generic Routing Encapsulation is a network layer over network layer example of a tunneling protocol over the IP 47, used to transmit data in IP packets with a private address like RFC 1918, over the Internet. Here both payload and delivery protocols are the same. Yet, the payload address is incompatible with the tunneling protocolย of the delivery network.
It is also possible to use the data link layer.ย
The L2TP (Layer 2 Tunneling Protocol) is used to transmit data between two nodes using the data-link layer and its frames to establish the connection. Since the tunnel does not possess default encryption, the TCP/IP will decide the security level based on the protocol used.
SSH uses port 22 to provide VPN functionality with payload data encryption when being transmitted over any public network like the internet.ย
IPsec provides a Transport Model that is end-to-end and uses the tunneling mode to get past a trusted security gateway when transmitting data.
Thus, the article has explained tunneling protocol, its uses, and its technical overview.
So, have you made up your mind to make a career in Cyber Security? Visit ourย Master Certificate in Cyber Security (Red Team)ย for further help. It is the first program in offensive technologies in India and allows learners to practice in a real-time simulated ecosystem, that will give them an edge in this competitive world.
Fill in the details to know more
What Is Asset Classification?
March 20, 2023
Masquerade Attack โ Everything You Need To Know!
February 27, 2023
Best Infosys Information Security Engineer Interview Questions and Answers
What Are SOC and NOC In Cyber Security? What’s the Difference?
A Brief Introduction to Cyber Security Analytics
February 26, 2023
Cyber Safe Behaviour In Banking Systems
February 17, 2023
Add your details:
By proceeding, you agree to our privacy policy and also agree to receive information from UNext through WhatsApp & other means of communication.
Upgrade your inbox with our curated newletters once every month. We appreciate your support and will make sure to keep your subscription worthwhile