On Thu, Jan 13, 2011 at 11:50 PM, Douglas Otis <dotis@mail-abuse.org> wrote:
Unfortunately, a large number of web sites have been compromised, where an unseen iFrame might be included in what is normally safe content. A device accessing the Internet through a NATs often creates opportunities for unknown sources to reach the device as well. Once an attacker invokes a response, exposures persist, where more can be discovered. There are also exposures related to malicious scripts enabled by a general desire to show users dancing fruit. Microsoft now offers a toolkit that allows users a means to 'decide' what should be allowed to see fruit dance. Users that assume local networks are safe are often disappointed when someone on their network wants an application do something that proves unsafe. Methods to penetrate firewalls are often designed into 'fun' applications or poorly considered OS features.
Doug, Passive attacks. Very effective. Breeze past the firewall like it wasn't there. Hard to target though; work best when you're fishing for whatever you can get instead of trying to crack a particular system. Some success combining them with social engineering. Not terribly relevant to the discussion in this thread. Firewalls mostly block active attacks where a hacker is pushing unsolicited data at a host instead of waiting for the host to request data. Whether or not NAT is involved doesn't really change that larger picture of the general class of attacks firewalls obstruct. -Bill -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004