 From:  Manuel Kasper <mk at neon1 dot net>
 To:  macjones <mac dot jones at jai dot co dot nz>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] ip over dns hack / captive portal?
 Date:  Mon, 03 Apr 2006 11:42:24 +0200
On 03.04.06 17:33 +1200, macjones wrote:

> Just wondering if the m0n0wall captive portal is susceptible to this
> hack that uses DNS to transfer IP packets?

Yes, although I've never actually tried nstx, I'm pretty sure that
would work through m0n0wall's captive portal (and most other captive
portal solutions as well). It's probably not easy to avoid this
without potentially hampering legitimate use (perhaps the number of
DNS queries of unauthenticated clients could be restricted, or the
maximum query length limited to a number where this type of tunneling
is no longer practicable).

If anyone wants to get working on a modification to Dnsmasq that
makes this kind of tunneling infeasible - be my guest.

- Manuel
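
The two restrictions suggested in the reply above (a cap on query-name length and a per-client query budget for unauthenticated clients), sketched as an added Python example; it is not part of the original message and is not m0n0wall or Dnsmasq code. The thresholds, the `UnauthDnsPolicy` class and the helper names are assumptions for illustration, and the sample query builder produces constructed input.

```python
import struct
from collections import defaultdict, deque

# Assumed thresholds for illustration; tune against real pre-login traffic.
MAX_QNAME_LEN = 64       # longest dotted query name accepted before login
MAX_QUERIES = 20         # accepted queries per client per window
WINDOW_SECONDS = 60.0

def parse_qname(packet: bytes) -> str:
    """Return the first question name of a wire-format DNS query."""
    if len(packet) < 12:
        raise ValueError("short DNS header")
    if struct.unpack("!H", packet[4:6])[0] < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(packet):
            raise ValueError("truncated name")
        length, pos = packet[pos], pos + 1
        if length == 0:
            return ".".join(labels)
        # Lengths above 63 are compression pointers or reserved label types.
        if length > 63 or pos + length > len(packet):
            raise ValueError("invalid label")
        labels.append(packet[pos:pos + length].decode("ascii", "replace"))
        pos += length

class UnauthDnsPolicy:
    """Hypothetical per-client filter applied only before portal login."""
    def __init__(self):
        self.history = defaultdict(deque)   # client IP -> accepted query times

    def check(self, client_ip: str, packet: bytes, now: float):
        try:
            name = parse_qname(packet)
        except ValueError as exc:
            return False, f"malformed: {exc}"
        if len(name) > MAX_QNAME_LEN:
            return False, "qname too long"
        recent = self.history[client_ip]
        while recent and now - recent[0] >= WINDOW_SECONDS:
            recent.popleft()                # forget queries outside the window
        if len(recent) >= MAX_QUERIES:
            return False, "query budget exceeded"
        recent.append(now)
        return True, "ok"

def build_query(name: str) -> bytes:        # constructed sample input only
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)
```

Once a client authenticates, the filter would simply stop being applied to its address, so normal resolution after login is unaffected.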