Last week I presented at the St. Louis Security Group, a SIG of St. Louis Unix Users Group. The presentation and demos went well, and I hope everyone enjoyed it. I've attached the PowerPoint file, other forms will be posted soon.

The presentation covers attacking networks using Metasploit and outbound HTTP sessions only. Using this technique, the attacker bypasses any intervening firewalls (and many IDSs).

The bottom line solution: defense in depth.