Sunday, March 7, 2004

Why split?

(From the Penetration Testing mailing list) Compass Security has published a proof-of-concept tool that illustrates one reason for running a split-DNS configuration: it tunnels arbitrary data through your firewall over the DNS protocol. Note: the tool is only being offered for a limited time, but I wouldn't be surprised if it turns up elsewhere.

This is the same class of problem you risk by allowing wide-open ICMP through your firewalls: any protocol the firewall passes unconditionally can be used as a covert channel.
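From the defender's side, the practical question is how to spot this kind of traffic on a resolver that still faces the outside. The following is an added example, not from the mailing-list post or from Compass Security's tool: a small Python scorer run over constructed resolver log lines (a hypothetical "client qname qtype" format) that flags the usual DNS-tunnel indicators, namely unusually long names and labels, high-entropy subdomains, bulk record types such as TXT, and a burst of distinct subdomains under one registered domain. The thresholds and the two-label "registered domain" rule are assumptions for the example.

```python
import math
from collections import defaultdict

# Constructed sample log: "client qname qtype" per line (hypothetical format).
# The four .invalid queries mimic encoded chunks carried in the query name.
SAMPLE_LOG = """\
10.0.0.5 www.example.com A
10.0.0.5 mail.example.com MX
10.0.0.7 3a7f9c2e1b4d6a8f0c5e2b9d7a1f4c6e.t.exfil-test.invalid TXT
10.0.0.7 9d1c4b7e2a5f8c0b3e6d9a2f5c8b1e4d.t.exfil-test.invalid TXT
10.0.0.7 5e8b2d4a7c1f9e3b6d0a4c7f2e5b8d1c.t.exfil-test.invalid TXT
10.0.0.7 2b5d8a1c4e7f0b3d6a9c2e5f8b1d4a7c.t.exfil-test.invalid TXT
10.0.0.9 cdn.example.net A
"""

def shannon_entropy(s):
    """Bits per character; encoded payloads score near log2(alphabet size)."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def registered_domain(qname):
    # Assumption: last two labels; real code would consult a public-suffix list.
    return ".".join(qname.rstrip(".").split(".")[-2:])

def score_query(qname, qtype):
    """Return the list of tunnel indicators a single query trips (empty = clean)."""
    labels = qname.rstrip(".").split(".")
    subdomain = "".join(labels[:-2])          # everything below the registered domain
    reasons = []
    if len(qname) > 50:
        reasons.append("long name")
    if any(len(label) > 30 for label in labels):
        reasons.append("long label")
    if shannon_entropy(subdomain) > 3.5:      # assumed threshold; hex/base32 chunks exceed it
        reasons.append("high entropy")
    if qtype in ("TXT", "NULL"):              # record types that carry bulk data downstream
        reasons.append("bulk rdata type")
    return reasons

def analyze(log_text, min_unique=3):
    """Flag suspicious queries and domains receiving many distinct subdomains."""
    per_domain, flagged = defaultdict(set), []
    for line in log_text.splitlines():
        client, qname, qtype = line.split()
        per_domain[registered_domain(qname)].add(qname)
        reasons = score_query(qname, qtype)
        if reasons:
            flagged.append((client, qname, reasons))
    noisy = {d for d, names in per_domain.items() if len(names) >= min_unique}
    return flagged, noisy
```

In practice these indicators are a triage signal rather than a verdict; the point of split DNS is that internal clients never get to send such queries outward in the first place.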