On the client side, its ORB must be explicitly configured to use this tunnel. This is done by setting a specific ORB property, ORBHttpTunnelURL , to the address where the HTTP Tunnel Servlet is installed, like http://www.acme.org/orb/gateway [14†L22]. All subsequent IIOP traffic is then sent through this HTTP proxy server, effectively bypassing firewall restrictions.
This combination makes them incredibly difficult to track. The volunteer network operator organization, NANOG (North American Network Operators' Group), held a security track presentation on ORBs, noting they "are largely made of compromised SOHO routers" and represent a "new method of proxy chains... eluding security teams" [12†L3]. The infrastructure provides threat actors with a constantly shifting landscape, where the access points change frequently, making network defenders' jobs extremely difficult. proxy .orb
You could write a custom orb with inline scripts, but that gets messy and hard to maintain. On the client side, its ORB must be