Monthly Archives: January 2013

DNS Tunnelling Made Simple

You may have heard about DNS tunnelling before, it’s the process of encoding data and sending it to our chosen name server. The NS realises it cannot resolve the query and subsequently forwards it onto the tcp-over-dns server. The tcp-over-dns server then decodes the data we sent encodes the server’s data in the answer and replies to us, the client.

So how does this help me? Well, think of Hotels, Airports and recently Airplanes! They all charge users for internet usage, we can bypass this with the use of DNS requests to external hosts which most systems do not yet block (it’s as simple as implementing split horizon DNS yet hardly anyone has). DNS tunnels are rather slow, but allow you to reply to emails and browse simple pages whilst travelling, expect around 20KB/s.

Using Iodine:

Tools you’ll need:

  • Linux server
  • OSX Client computer
  • A domain

On The Server:

  • Install iodine with either aptitude [apt-get install iodine] or from source: http://dev.kryo.se/iodine/
  • Start the iodine daemon with:
    iodined -f -c -P [yourpassword] 10.0.0.1 [yourdomain]

Client Setup:

  • I used Mac OSX with homebrew installed which had the package already:
    brew install iodine
  • Linux users can simply
    apt-get install iodine
  • You also need to install TUN/TAP drivers for OSX: http://tuntaposx.sourceforge.net/

DNS Setup:

  • With your registrar, you will want to set up something similar to this:
  • tunnelhost     IN      A       10.15.213.99
    tunnel         IN      NS      tunnelhost.mytunnel.com

Final Stage:

  • Now to connect, use: 
    sudo iodine -f -P [yourpassword] 10.15.213.99 tunnel.mytunnel.com
  • If you have issues, try adding -T to the client parameters
  • You can now ssh -D xxxx [email protected] and use a socks proxy to route traffic through your DNS tunnel! Enjoy!