Revisiting Browser v. Middleware Attacks In The Era Of Deep Packet Inspection

Dan Kaminsky has just published his latest paper on middleware attacks, which I recommend checking out.

"For CanSecWest this year, I thought it’d be interesting to take a
look at the realm of Deep Packet Inspectors. It turns out we were
doing a lot of this around 2000 through 2002, and then…well, sort of
stopped. So, in this year’s CanSecWest paper, “Staring Into The
Abyss: Revisiting Browser v. Middleware Attacks In The Era Of Deep
Packet Inspection” (DOC, PDF),
I’m taking another crack at the realm — and I’m seeing really
interesting capabilities to fingerprint, bypass, and otherwise
manipulate systems that watch from the middle of networks, using
protocol emulation abilities that have been part of browsers and their
plugin ecosystem from the very beginning.

Ah, but here’s where I need some help. I’ve worked pretty closely
with Robert Auger from Paypal, who just published his own paper, “Socket Capable Browser Plugins Result In Transparent Proxy Abuse”. We independently discovered the HTTP component of this attack pattern, and as I describe in my paper, we’ve kind of forgotten just how much can be done against Active FTP Application Layer Gateways.

So, if I may ask, take a look, check out my paper, and if you have
some thoughts, corrections, or interesting techniques, let me know so I
can integrate them into my CanSecWest presentation."

Read more: http://www.doxpara.com/?p=1279