Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

COMPASS SECURITY: DNS Tunnel Test Suite

From: "Jan P. Monsch" <jan.monsch () csnc ch>
Date: Tue, 10 Feb 2004 10:52:48 +0100
#############################################################
#
# COMPASS SECURITY                      http://www.csnc.ch/
#
#############################################################
#
# Subject: DNS Tunnel Test Suite
# Authors: Ivan Buetler, ivan.buetler_at_csnc.ch
#          Jan P. Monsch, jan.monsch_at_csnc.ch
#
##############################################################

Dear Reader,
Compass Security is absolutely convinced that the separation of the internal DNS zone from the Internet zone is a MUST. Otherwise, malicious mobile code could expose your assets by establishing a DNS tunnel, where corporate firewall policies are potentially bypassed.
As a proof-of-concept, Compass Security offers a free DNS Tunnel Test Suite (dtt). If you would like to test your infrastructure against DNS tunneling attacks, please follow the following link: 

https://hsr.csnc.ch/dnstunnel-en/
If you have asked yourself how realistic the threat given by a DNS tunnel is, the following article refers to a current example: 

http://www.securiteam.com/securityreviews/6Z00N208UC.html


IMPORTANT:
The DNS Tunnel Test itself is configurable via web browser interface. On the site mentioned above you can download the DNS Tunnel client. After starting the client press the button "Start Test" to launch the browser interface. Access to the web server is granted only by using the following username/password: 

    Username:   sfocus
    Password:   compass.dtt
The DNS Tunnel Test Suite (dtt) will be publicly available (using the above credentials) for the next 4-8 weeks. In any case of inconvenience or problems, we will stop web site access immediately.
If you decide using the DNS Tunnel test suite, please perform the tests using non-confidential data. Do not use productive file by any means!!! 

RELEASE NOTES:
The client is developed for Windows 2000. The DNS Tunnel client will not start under Windows NT 4.0. Porting the client to NT 4.0 is not planed. 


Kind regards and happy DNS Tunneling
Compass Security




---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: