(From the Penetration Testing mailing list) Compass Security has published a proof-of-concept tool that demonstrates why you should run a split-DNS configuration. Basically, the tool tunnels data through your firewall via the DNS protocol. Note: the tool is offered for a limited time, but I wouldn't be surprised if it's available elsewhere.
This is similar to the problems you risk if you allow wide-open ICMP through your firewalls.