In this work we show how the infrastructure of the Domain Name System (DNS) can be profitably exploited to create unauthorized covert channels capable of transferring arbitrary information across firewalled networks. The approach relies on the possibility to perform recursive DNS queries, which is an aspect that is often overlooked in the set-up of restricted access public networks. We present an encapsulation protocol which is able to realize point-to-point tunnels by means of bogus, yet legacy, DNS datagrams, enabling communication between a host subject to network restrictions and an external server. We highlight also the main architectural features of an open source evasion tool that implements such protocol, discussing its effective viability and the overall performances achievable in very common scenarios such as public Wi-Fi hot-spots.
Network Evasion via DNS Covert Channels / P. Tucci; E. Faldella. - STAMPA. - (2011), pp. 97-103. (Intervento presentato al convegno International Conference on Telecommunication Systems, Modeling and Analysis - ICTSM2011 tenutosi a Prague, Czech Republic nel 26-28 May, 2011).
Network Evasion via DNS Covert Channels
TUCCI, PRIMIANO;FALDELLA, EUGENIO
2011
Abstract
In this work we show how the infrastructure of the Domain Name System (DNS) can be profitably exploited to create unauthorized covert channels capable of transferring arbitrary information across firewalled networks. The approach relies on the possibility to perform recursive DNS queries, which is an aspect that is often overlooked in the set-up of restricted access public networks. We present an encapsulation protocol which is able to realize point-to-point tunnels by means of bogus, yet legacy, DNS datagrams, enabling communication between a host subject to network restrictions and an external server. We highlight also the main architectural features of an open source evasion tool that implements such protocol, discussing its effective viability and the overall performances achievable in very common scenarios such as public Wi-Fi hot-spots.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
