On Fri, February 22, 2008 9:13 am, Michael J McCafferty wrote: > > I saw this talk at Toorcon a few years ago, when my work was more > security related: > > http://www.doxpara.com/dns_tc/Black_Ops_DNS_TC_files/v3_document.htm > > Wrap your head around it then make it go ! You can do anything and > everything you are not allowed to at work now !! Muahahaha ! Nobody ever > expects DNS !!! >
Ok, if I understand this right, the idea is the the internal client makes DNS requests, which are then passed to my.homeserver.net, which returns arbitrary data in the from of TXT fields thus allowing, say, SSH to be encapsulated in the DNS requests. But in a locked down environment, why would local clients be allowed DNS requests to the outside world? I would think the local DNS would be setup to resolve only mycorp.com addresses with web browsing setup to use a proxy (with the proxy doing the resolving for outside addresses). Or maybe I'm just missing something simple. -ajb -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
