On 2/3/2011 12:40 AM, Owen DeLong wrote: > Notice how the application was able to poke the holes in both sides > because it easily knew the address and port number information since > it isn't modified. Both firewalls think that the secondary channel is > an outbound connection on both sides. And the network attack vector with inside spoofing just go even more interesting and easier. Jack