> Can we get a reading from Those Who Know about how likely it is that > BadGuys can trick a client inside such a firewall to facilitate an attack > against an internal recursive server (said server can query through the > firewall).
Hey, all you guys inside the firewall--you should totally click on this hilarious URL! http://www.evilwebpage.tld It's pretty much that easy. Someone clicks, queries go out, answers come back--and some of the answers are going to be poisoned. A NAT router that obscures unpredictable source ports and reassigns them to predictable ones is eliminating the best defense we have. -- Evan Hunt -- [EMAIL PROTECTED] Internet Systems Consortium, Inc.
