SYSK 181: What Is a Greynet?

Greynets are network enabled applications that are installed on an end user's system without permission from IT and are frequently evasive at the network level, using techniques like port agility and encryption to avoid being detected and blocked.


Greynets pose a myriad of network and information security risks including potential vectors for malware, client-side code vulnerabilities, intellectual property loss, identity theft and more. While some greynets, especially IM, have legitimate business uses, others are not so business-friendly. Even legitimate greynet applications can pose grave network and information security risks.




Comments (1)

  1. Adam says:

    Heh. If you take out "are installed on an end user’s system without permission from IT and", you can pretty much apply it to anything that tunnels itself over, or inappropriately uses[0], HTTP.

    [0] Where "inappropriate use" definitely includes creating a connection-oriented protocol that is meant to persist over distinct underlying HTTP connections. That’s such a bad idea, it’s not even wrong.

Skip to main content