We did NAT see that coming: How malicious JavaScript can open holes in your firewall for miscreants to slip through

Abuse packet sizes to fool vulnerable application-level gateways

Coinciding with Halloween over the weekend, security researcher Samy Kamkar published details of a spooky firewall-busting technique he calls NAT Slipstreaming. It allows a remote attacker to punch through gateway and browser defenses to access services running on computers within a network, depending on the victim's configuration....