dns tunnel
TRANSCRIPT
![Page 1: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/1.jpg)
Domain Name System tunnel
also known as Socks via SSH over DNS Tunnel and Socks via SSH over DNS.
and how to get free wifi access
![Page 2: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/2.jpg)
Pain in the ass
![Page 3: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/3.jpg)
![Page 4: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/4.jpg)
![Page 5: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/5.jpg)
![Page 6: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/6.jpg)
No Wifi Syndrome
Come on! Face it!
![Page 7: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/7.jpg)
Why DNS?
Firewalls Wireless access point
allow DNS traffic.
![Page 8: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/8.jpg)
Client ( my NB ) running Iodine
DNS Server
Server running IodinedThe Internet
![Page 9: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/9.jpg)
Client ( my NB ) running Iodine
DNS Server
Server running IodinedThe Internet
![Page 10: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/10.jpg)
Client ( my NB ) running Iodine
DNS Server
Server running IodinedThe Internet
![Page 11: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/11.jpg)
Client ( my NB ) running Iodine
DNS Server
Server running IodinedThe Internet
Block by Firewall
![Page 12: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/12.jpg)
Client ( my NB ) running Iodine
DNS Server
Server running IodinedThe Internet
Block by Firewall
DNS Traffic
![Page 13: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/13.jpg)
Client ( my NB ) running Iodine
DNS Server
Server running IodinedThe Internet
Block by Firewall
DNS Traffic
DNS Traffic
![Page 14: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/14.jpg)
Client ( my NB ) running Iodine
DNS Server
Server running IodinedThe Internet
Block by Firewall
DNS Traffic
DNS Traffic
IP Traffic
![Page 15: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/15.jpg)
DEMO
![Page 16: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/16.jpg)
Setup
• One Server
• One Client
![Page 17: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/17.jpg)
Setup - Server
• Host on Amazon EC2
• Access through SSH
• Ubuntu 14.04
• Run
• Hosting some websites
![Page 18: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/18.jpg)
![Page 19: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/19.jpg)
Setup - Domain
• From GoDaddy
![Page 20: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/20.jpg)
Setup - Domain
•3 A Record
•@ => EC2 Server IP
•nas => my own NAS IP
• tunnel1 => EC2 Server IP
![Page 21: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/21.jpg)
Setup - Domain
• 3 NS Record
• @ => GoDaddy nameserver
• @ => GoDaddy nameserver
• tunnelme => tunnel1.howardchang.me ( which => EC2 Server IP )
![Page 22: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/22.jpg)
Commands - 1 on Server
• sudo iodined -c -f -p 5353 10.0.0.1 -P howard tunnelme.howardchang.me &
• Use iodined to listen traffic from tunnelme.howardchang.me :5353
![Page 23: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/23.jpg)
• sudo iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to :5353
• sudo iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
• Use iptables to forwarding the port from 53 ( port for DNS ) to 5353
Commands - 2 on Server
![Page 24: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/24.jpg)
• ping 10.0.0.1
• Use ping to check the connection between Client and itself
Commands - 1 on Client
![Page 25: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/25.jpg)
Commands - 2 on Client
• sudo iodine -f -P howard 54.178.145.50 tunnelme.howardchang.me
• Use iodine to connect to tunnelme.howardchang.me via the DNS we just build ( 54.178.145.50 )
![Page 26: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/26.jpg)
Commands - 3 on Client
• ssh -qTfnN2 -D 8080 [email protected] -i Dropbox/amazon.pem
• Use iodine to connect to tunnelme.howardchang.me via the DNS we just build ( 54.178.145.50 )
![Page 27: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/27.jpg)
Start!
• Setup done, what’s next?
• To be honest, I don’t know how to do IP over DNS.
• But I know how to use SSH over DNS tunnelling
• It works!
![Page 28: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/28.jpg)
SSH
• Allow you to access remote server via command line
• I use aliasing here, so `ec2` will connect ec2 server for me.
• ssh [email protected] -i Dropbox/amazon.pem
• for DNS tunneling ssh access
![Page 29: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/29.jpg)
Server
![Page 30: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/30.jpg)
Client
![Page 31: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/31.jpg)
From ntu-peap to NTU
![Page 32: Dns tunnel](https://reader035.vdocuments.us/reader035/viewer/2022062320/55ce4074bb61eb93728b47f4/html5/thumbnails/32.jpg)
Success!
Using SSH to connect to serverwith wifi NTU ( without login )