Tunneling ssh over DNS
Dan Kaminsky, the Jedi master of packet-level hacking, has figured out how to tunnel ssh over DNS, a stupendously weird and cool feat. Ever been at an airport or coffee shop with WiFi that redirects you over and over again to the same captive portal page no matter what you do? With Kaminsky's tool, you could circumvent any captive portal that allows DNS to slip through. Here's the presentation he gave at the LayerOne conference in Los Angeles.Reverse Serial Propagation480k Powerpoint Link (via Oblomovka)Can be quickly and statelessly deployed
* Scan networks with generic recursive probe
* For each incoming request seeking to service the probe, return whatever(TTL=0) and probe with an actual block request
- If a block request comes back from the recurser, populate the server
-If the population packet drops, the upstream should retransmit
* Move back through the file after each server group fills up
* Can be much slower to populate!
Share this post
Cory Doctorow
Upcoming appearances
* Feb 9, 2012, DeKalb, IL: Day of Doctorow, NIU
* Feb 10-12, 2012, Chicago, IL: Capricon 32
* Feb 13, 2012, Arlington, TX: UT Arlington College of Engineering Distinguished Speaker Series
* Feb 16, 2012, Victoria, BC: 13th Annual Privacy and Security Conference
Recent books:
* Context (essays)
* With a Little Help (short stories)
* For the Win (YA novel)
* Makers (adult novel)
Where not otherwise specified, this work is licensed under a Creative Commons License permitting non-commercial sharing with attribution. Boing Boing is a trademark of Happy Mutants LLC in the United States and other countries.