AW: local proxy udp 53

From: Julian Totzek (julian.totzek@bristol.de)
Date: Wed Feb 15 2006 - 05:17:36 EST

• Next message: Peter Wood: "Re: Password Crackers"
• Previous message: thomas springer: "Re: how to check for hostnames of wildcard-domains"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> -----Ursprüngliche Nachricht-----
> Von: shiri_yacov@hotmail.com [mailto:shiri_yacov@hotmail.com]
> Gesendet: Dienstag, 14. Februar 2006 07:27
> An: pen-test@securityfocus.com
> Betreff: Re: local proxy udp 53
>
> Hi Julian,
> if I understand correctly, You need to send/receive some illegal traffic
> (In terms of the network security policy), and your network allows traffic
> on port DNS "from any to any".
> At this point, there are two possibilities.
>
> A. The security mechanism (Firewall/Router) is probing the packet's
> destination port only.
> B. There is some kind of content filtering device on the network, which
> assurs that packets on port DNS are truly DNS packets.
>
> In case A, the answer to your question is quite simple. All you need is a
> port redirector - like Fpipe or winrelay which needs to operate on both
> sides (of your connection).
>
> Case B is much more complicated, and requires a tailor made solution which
> will encode your protocol with DNS packets - some "AllYouWant over DNS".
>
> I suppose A is your cup of tea...
> Is it ?

Hi
Solution B is what I'm looking for! On the client side everything is encoded in dns request and on the other everything is decoded! So everything is tunneld via upd 53!

Cheers
-j

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Peter Wood: "Re: Password Crackers"
• Previous message: thomas springer: "Re: how to check for hostnames of wildcard-domains"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:31 EDT