>>If we couldn't browse the thread with a normal browser and the only possible way in was via the UTN, would that effectively protect the Thread from all forms of Web based attack? (assuming, for the time being, that no-one with access to the UTN chose to launch such an attack internally)
>
>The UTN hides the URL that it hits, but that's all. AFAIK SYN (DDOS) attacks go, the attacker doesn't even need a specific URL, because the SYN attacks basically sends only a malformed PING, which only needs the IP address or domain name of the server being attacked.

Thanks Eric. I understand the point about denial of service attacks. How - if at all - can we protect ourselves from URL hijacks though?

Harry