Published by Phillip O’Brien. Modified over 9 years ago
1
DNS Tunneling Mihir Nanavati & Long Zhang {mihirn, zhlong73}@cs.ubc.ca April 19th 2010
2
Abstract: DNS tunnels are network covert channels that allow the transmission of arbitrary data using the DNS infrastructure. Users can use such tunnels to hide their communication sessions in order to bypass local security and accounting policies.
3
What is DNS: The Domain Name System (DNS) is a hierarchical naming system. It makes it possible to assign domain names to groups of Internet users in a meaningful way (URL vs. IP address). An authoritative name server is responsible for each subdomain.
4
Structure of DNS records
Format: Domain_name Time_to_live Class Type Value
Example:
cs.mit.edu 86400 IN CNAME lcs.mit.edu
sub.example.com IN NS ns.anothernameserver.com
ns.anothernameserver.com IN A 192.0.34.166
TYPE: SOA, A, MX, NS, CNAME, PTR, HINFO, TXT
Records we care about: A, NS, CNAME.
5
How DNS tunneling works (1)
6
How DNS tunneling works (2)
Tunnel all outgoing traffic through DNS. On the DNS side, delegate all requests for a certain subdomain to another nameserver.
– People who want to look up your IP get to your ISP's nameserver and are redirected to your own nameserver, which can then answer the request.
– Something like:
sub.example.com. IN NS ns.mynameserver.com
ns.mynameserver.com IN A 192.0.34.166
or
ns.mynameserver.com IN CNAME dnstunneling.chickenkiller.com
7
How DNS tunneling works (3)
The fake name server:
– Parses the DNS queries, reconstructs and sends the HTTP requests, and encapsulates the HTTP response into DNS packets to send the response back to the client.
The client inside the local network:
– Sends DNS requests to the local DNS server / ISP’s DNS server.
8
Problems
DNS packet sizes
– DNS responses are often limited to 512 bytes, significantly smaller than the size of HTTP responses.
Solution
– Fragment the packets and build a fragmentation and reassembly protocol on top of the DNS packets in the client and the server.
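The fragmentation and reassembly step described on this slide, shown for the client-to-server direction where data rides in the query name. This is an added example, not code from the presentation; the zone `t.example.com`, the `<seq>-<total>` header label, and the base32 encoding are assumptions chosen for illustration, and no network I/O is performed.

```python
import base64
import math

MAX_LABEL = 63          # RFC 1035: one label is at most 63 octets
MAX_NAME = 253          # longest full name in dotted text form
ZONE = "t.example.com"  # constructed delegated subdomain (assumption)

def chunk_capacity(zone=ZONE):
    """Payload bytes that fit in one query name under `zone`."""
    header = len("0000-0000.")                 # hypothetical seq-total label
    room = MAX_NAME - len(zone) - 1 - header   # chars left for data labels
    chars = (room // (MAX_LABEL + 1)) * MAX_LABEL
    return chars * 5 // 8                      # base32: 8 chars carry 5 bytes

def fragment(payload, zone=ZONE):
    """Split payload into query names: <seq>-<total>.<base32 labels>.<zone>"""
    size = chunk_capacity(zone)
    total = max(1, math.ceil(len(payload) / size))
    names = []
    for seq in range(total):
        raw = payload[seq * size:(seq + 1) * size]
        b32 = base64.b32encode(raw).decode().rstrip("=").lower()
        labels = [b32[i:i + MAX_LABEL] for i in range(0, len(b32), MAX_LABEL)]
        names.append(".".join([f"{seq:04x}-{total:04x}", *labels, zone]))
    return names

def reassemble(names, zone=ZONE):
    """Rebuild the payload; tolerates reordering and duplicates, rejects gaps."""
    parts, total = {}, 0
    for name in names:
        head, *labels = name[:-len(zone) - 1].split(".")
        seq, total = (int(x, 16) for x in head.split("-"))
        b32 = "".join(labels).upper()          # DNS names are case-insensitive
        parts[seq] = base64.b32decode(b32 + "=" * (-len(b32) % 8))
    missing = [i for i in range(total) if i not in parts]
    if not parts or missing:
        raise ValueError(f"missing fragments: {missing}")
    return b"".join(parts[i] for i in range(total))

if __name__ == "__main__":
    # Constructed sample request, repeated to force several fragments.
    request = b"GET /index.html HTTP/1.1\r\nHost: www.example.org\r\n\r\n" * 10
    names = fragment(request)
    print(len(request), "bytes ->", len(names), "queries; longest name:",
          max(map(len, names)), "chars")
    assert reassemble(names[::-1]) == request
```

Each fragment is a query name close to the length limit, made of full 63-character base32 labels under a single delegated zone, which is the footprint DNS monitoring looks for.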
9
Demo Time
Proof of concept:
– A client-server architecture for Internet access.
– Client sends HTTP requests to a proxy server, which encapsulates them into DNS queries.
– Forwarded to the name server, which encapsulates the HTTP response in a DNS packet.
Some attempts at real DNS tunneling
10
Future Work
Bypass ubc (UBC’s unsecured network) using DNS tunneling to obtain Internet access without CWL credentials.
Potential issues
– Network may be set up to drop multiple responses to a single DNS query
– Local DNS server may be set up to not forward queries beyond its local cache
11
References
http://www.dnstunnel.de/
http://www.daemon.be/maarten/dnstunnel.html
T.V. Leijenhorst et al., “On the Viability and Performance of DNS Tunneling”
D. Kaminsky, “Black Ops of DNS”, The Black Hat Briefings 2004
12
Thanks! Questions?