Security Flaws In Aussie Net Filter Exposed

Faldo writes "There's a three-part interview with a computer security expert on BanThisURL that goes into the flaws in the Aussie net filtering scheme. In addition to SSH tunnels and proxies, more worrying problems like trojaning the boxes to set up man in the middle attacks (which the interviewee has done in his lab), cross site scripting and the Australian blacklist leaking are all discussed. Worrying and relevant, especially since Thailand's blacklist has just been leaked."

Re:From the article

[iago-vL]

Don't forget that every security patch that Microsoft releases is a hole that blackhats could already have been exploiting. Patches created now could (and often do) fix vulnerabilities dating back to the release of Windows 2000 or Windows NT. There's no way to guarantee that the holes aren't known and exploited by others.

That being said, any system with proper firewalling mitigates much of the issue. If the only port open to the public network is the one running the proxy software (or whatever it is), then there is very little attack surface.