Quick question I wanted to throw out there and see what I get back really
You have a corporate network plugged into your wired NIC and you also have your WLAN connected to an open insecure dirty internet connection. (Bridged is the sort of term I guess?)
I'm monitoring a machine and noticing its connected to the dirty internet (using Etherape) plus I'm also seeing on the corporate LAN looking at the SNORT IDS logs that the same machine is coming up with 'Double Decoding Attack + Oversize Request-URI Directory. I have been to the guys machine and noticed that his got actually what I thought above (NIC and WLAN bridged) I have asked him to stop bridging the two connection and he asked why in quite a detailed way
So I'm just wondering what kind of current exploits there are that can be used to connect from the dirty internet connection subnet to the corporates subnet...if there is any?
Thanks in advance!