Andrew Ginter, director of industrial security at Waterfall Security Solutions, wrote the article "13 Ways Through a Firewall: What You Don't Know Can Hurt You."
In it he talks about how firewalls are a staple of industrial cybersecurity programs, but no one really knows how secure they are. Ginter says that any time a firewall deployment is considered, relevant firewall vulnerabilities should be identified, and both compensating measures and alternatives should be evaluated. He also concludes that unidirectional security gateways are a comparatively new alternative that all security practitioners should become familiar with.
The article lists Ginter's 13 ways a firewall can be compromissed. Here are his first five ways:
- Social engineering
- Compromise a domain controller
- Attack exposed servers
- Attack exposed clients
Read the full article to learn about all 13 ways through a firewall in detail.