DNS tunnel

Today, I saw such a one in Greader, and I realized free internet in DNS tunnel. My thoughts suddenly returned to New Zealand vacation last year.

In that a few days, we rented a house in the mountains of Wellington, everything was very comfortable, but it could not access the Internet. Even nearby WiFi signals can not be received, I want to “borrow” other people’s WiFi hotspots. I walked around the sea in the yard, capturing a weak signal around, and finally. Then transfer the cable TV in the house. I found with domestic cable TV, the set top box is connected to the network cable. That is, it is physically, there is a link to access the Internet. But after I plug in the computer, I found that IP packets can’t be either. However, it seems like a DNS service is available.

I didn’t think too much at the time, just feel that there is a way to take advantage of it. However, the next day will move, there is no deep way. Today, I feel that I can use DNS service and external to establish a connection. Of course, you need to build the program program that the recently taken in the outside.

The principle is very simple, when you do DNS queries, if the domain name is not in the Cache in the DNS server, it will go to the Internet, and finally return the results to you. If you have a custom-made server on the Internet. Just rely on this level of DNS, you can exchange the packet. From the DNS protocol, you are querying a specific domain name at a time, and gets the resolution result. But in fact, you communicate with external communication. You are not directly connected to the machine outside the local area, because the gateway will not forward your IP package. But the DNS server on the LAN will be transferred. This is DNS Tunnel.

I feel interesting, I have been tested according to the article.

This requires a certain domain name, a machine running on the Internet to freely install the software. These are all. That fake DNS is provided by OzyMandNs. But I haven’t downloaded the package on the ozymandns website today. Fortunately, Google is very powerful, this small Perl program written in 2004 is not difficult to find.

However, I didn’t have successful trials. According to the article, I couldn’t connect to the host through DNSTunnel. It is estimated that I am not configured. But then Google has gone to a better choice. That is IODINE this little thing. It’s very simple to install it. The first run is found to find the TUN device. It seems that you need to build one hand. On Linux: MKDIR / DEV / NET; MKNOD / DEV / NET / TUN C 10 200 is like this.

Windows version is troublesome, need to install software. Install the Tap Driver in the OpenVPN package.

Then use IODINE to build a virtual network using DNS Tunnel. Next, it is convenient to build SOCKS5 with SSH -D. But I think this is extra. In order to save the bandwidth on the DNS Tunnel, I directly built a SOCKS5 server. It is the SSOCKS mentioned in a blog written in the previous paragraph. Also need to be modified, bind the listening port on 10.0.0.1.

Finally, I didn’t encounter any trouble. I think the DNS server on my online export must feel very painful. This is really a super painful Tunnel program. Well, you can stay for the backup of the wall in the future, in order to prepare.

PS. I want to know that there are WiFi hotspots such as CMCC everywhere. I will try it next time to the business difference.