Marcin Antkiewicz wrote:

> ...
>Everyoen loves war stories: I do consulting sometimes, and last time it
>was for a place with IDS, IPS, 3 AV subscriptions, HTTP proxy, split
>horizon DNS, 2 (!) layers of firewalls (statefull), encrypted and
>unencrypted wireless, NAC and traffic shaper. The bad guys still got in!
>How you ask? Easy: via HTTP/s, dns, smtp (traffic on all the protocols
>was proxied, in and out).

How was each protocol (HTTP, dns, smtp) used to get in?
Exploiting bugs in applications implementing each?


firewall-wizards mailing list