COMPASS SECURITY: DNS Tunnel Test Suite

From: Jan P. Monsch (jan.monsch@csnc.ch)
Date: Tue Feb 10 2004 - 04:52:48 EST

• Next message: Marius Huse Jacobsen: "Re: pen testing & obfuscated shell code"
• Previous message: Don Parker: "Re: pen testing & obfuscated shell code"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

#############################################################
#
# COMPASS SECURITY http://www.csnc.ch/
#
#############################################################
#
# Subject: DNS Tunnel Test Suite
# Authors: Ivan Buetler, ivan.buetler_at_csnc.ch
# Jan P. Monsch, jan.monsch_at_csnc.ch
#
##############################################################

Dear Reader,

Compass Security is absolutely convinced that the separation of the
internal DNS zone from the Internet zone is a MUST. Otherwise, malicious
mobile code could expose your assets by establishing a DNS tunnel, where
corporate firewall policies are potentially bypassed.

As a proof-of-concept, Compass Security offers a free DNS Tunnel Test
Suite (dtt). If you would like to test your infrastructure against DNS
tunneling attacks, please follow the following link:

https://hsr.csnc.ch/dnstunnel-en/

If you have asked yourself how realistic the threat given by a DNS
tunnel is, the following article refers to a current example:

http://www.securiteam.com/securityreviews/6Z00N208UC.html

IMPORTANT:
The DNS Tunnel Test itself is configurable via web browser interface. On
the site mentioned above you can download the DNS Tunnel client. After
starting the client press the button "Start Test" to launch the browser
interface. Access to the web server is granted only by using the
following username/password:

     Username: sfocus
     Password: compass.dtt

The DNS Tunnel Test Suite (dtt) will be publicly available (using the
above credentials) for the next 4-8 weeks. In any case of inconvenience
or problems, we will stop web site access immediately.

If you decide using the DNS Tunnel test suite, please perform the tests
using non-confidential data. Do not use productive file by any means!!!

RELEASE NOTES:
The client is developed for Windows 2000. The DNS Tunnel client will not
start under Windows NT 4.0. Porting the client to NT 4.0 is not planed.

Kind regards and happy DNS Tunneling
Compass Security

---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------

• Next message: Marius Huse Jacobsen: "Re: pen testing & obfuscated shell code"
• Previous message: Don Parker: "Re: pen testing & obfuscated shell code"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:48 EDT