Why “and beyond”?: stepping stone attacks
çIf Internet-visible device not properly segmented we can use compromised device as stepping stone and probe the internal network (LAN)
¼Internet -> Target Device -> LAN
çNot many companies consider DMZing “miscellaneous” devices
¼i.e.: printers, IP cameras, VCR appliances, UPS appliances
ç