LinkedIn Q&A : Do you have any experience with TCP->HTTP tunneling with reDuh?

yes, this is bad. Another example that firewalls can be circumvented, especially by internal users.

Similar tools :
- httptunnel
- iodine (tunneling over DNS)
- ptunnel (tunneling over ICMP)

What happens if you combine this with encryption/steganography? How do you detect and thwart these attacks? Is deep packet inspection up to the task? Fascinating "research" subject :)

• http://code.kryo.se/iodine/
• http://www.cs.uit.no/~daniels/PingTunnel/
• http://www.nocrew.org/software/httptunnel/