Penetration Testing mailing list archives
Re: [PEN-TEST] IP Tunneling over DNS
From: Mordechai Ovits <movits () OVITS NET>
Date: Mon, 11 Sep 2000 15:04:57 -0400
On Mon, Sep 11, 2000 at 01:06:14PM -0400, Christopher M. Bergeron wrote:
I just read an interesting post at slashdot: http://slashdot.org/article.pl?sid=00/09/10/2230242&mode=thread theoretically, someone from inside a secure network could tunnel out (ala Trojan) to punch a major hole through a firewall. Am I understanding this correctly?
Yes, with the unstated caveat that you need a server on the outside to complete the tunnel. No biggee, but it makes it easy to find the otehr side of the tunnel. Besides, you could do this with http_tunnel for the longest time. This is just cuter. Mordy
Current thread:
- [PEN-TEST] IP Tunneling over DNS Christopher M. Bergeron (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Jose Nazario (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Work, Clinton (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Mark Shlimovich (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Pawel Maciejewski (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS matthew patton (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Work, Clinton (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Jonathan Rickman (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Mordechai Ovits (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Andre Delafontaine (Sep 12)
- <Possible follow-ups>
- Re: [PEN-TEST] IP Tunneling over DNS Dunker, Noah (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Mordechai Ovits (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS BMM (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Eric Thiel (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Teicher, Mark (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Wolfgang Zenker (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Peter Van Epp (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Jose Nazario (Sep 11)