If you follow me on twitter (http://twitter.com/iagox86), you've seen links to my blog posts (http://www.skullsecurity.org/blog/?p=426) about Dnscat (http://www.skullsecurity.org/wiki/index.php/Dnscat), a tool I've been working on weaponizing (http://www.skullsecurity.org/blog/?p=611) (which is a word I love :) ).
Basically, it creates a tunnel over the DNS protocol, from anywhere to your DNS server. It will work recursively, which means as long as your server can talk to *any* DNS server, whether the DNS server belongs to your company, ISP, etc, it will eventually get the message to *my* DNS server. It's a cool way to poke through firewalls. :)