Penetration Testing mailing list archives
Re: [PEN-TEST] IP Tunneling over DNS
From: Wolfgang Zenker <wolfgang () JPAVES DE>
Date: Tue, 12 Sep 2000 20:28:25 +0200
Hi,

Eric Thiel wrote:
> I think a lot of people are missing the real danger here.
>
> Say I run a firewall that does not allow any traffic from SubnetA to the internet, since there have been problems with people in the department uploading confidential data outside the company. Before this announcement I assumed there was no way for people to get traffic out (without ANY open ports, no tunnels are possible). Now anyone on SubnetA that can talk to a DNS server in SubnetB (SubnetB is allowed to pass DNS traffic to the Internet) can create a bi-directional tunnel out to the Internet. Furthermore, unless I have some heavy logging on the DNS server, I have no idea who is sending all the traffic.
If your DNS server in SubnetB is a BIND 8, you can limit clients from SubnetA to queries for local zones only using BIND's ACL syntax.

Wolfgang
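A named.conf fragment illustrating the ACL approach Wolfgang describes, added here as an example and not taken from the original post. It assumes BIND 8.2 or later (for the allow-recursion option, which BIND 9 also accepts) and uses constructed subnet addresses, zone names and file paths:

```conf
// Constructed example: SubnetA = 10.1.0.0/16 (no Internet access allowed),
// SubnetB = 10.2.0.0/16 (hosts this resolver and may pass DNS to the Internet).
acl "subnetA" { 10.1.0.0/16; };
acl "subnetB" { 10.2.0.0/16; };

options {
    directory "/var/named";
    // Both subnets may ask questions, but only SubnetB may have the server
    // recurse, i.e. go out to the Internet on the client's behalf.
    // A tunnel needs exactly that recursion for attacker-controlled names,
    // so SubnetA hosts are left with locally held data only.
    allow-query     { subnetA; subnetB; };
    allow-recursion { subnetB; };
};

// Local zones remain usable from SubnetA: answers come straight from the
// zone file, so serving them never causes an outbound packet.
zone "corp.example" {
    type master;
    file "db.corp.example";
};

zone "1.10.in-addr.arpa" {
    type master;
    file "db.10.1";
};

// Log each query with its source address, so an unusual volume of lookups
// from one SubnetA host is visible (the "who is sending" problem above).
logging {
    channel query_log {
        file "/var/log/named-queries.log" versions 5 size 20m;
        severity info;
        print-time yes;
    };
    category queries { query_log; };
};
```

A SubnetA client denied recursion may still receive an answer already sitting in the cache, but its query never triggers a new outbound lookup, which is what the tunnel depends on.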