dns tunnels a threat?
nextime at nexlab.it
nextime at nexlab.it
Fri Sep 7 13:32:34 UTC 2007
> Removing TXT fields as David initially proposed should break existing
> DNS tunnels.
Sad but true, this isn't true.
DNSCat can work on other query type. And i think that isn't the only
one.
> As fas I know it's only used by spam filers (SPF) and should not be a problem.
Agree.
> Have you experienced unwanted side effects when filtering DNS
> responses in your set-up?
>
No side effects at all, of course, the filtering is used only for unauth
users, so, they need just to resolve the dns query to permit captive
portal to work.
--
Franco (nextime) Lanza
Busto Arsizio - Italy
SIP://casa@casa.nexlab.it
NO TCPA: http://www.no1984.org
you can download my public key at:
http://danex.nexlab.it/nextime.asc || Key Servers
Key ID = D6132D50
Key fingerprint = 66ED 5211 9D59 DA53 1DF7 4189 DFED F580 D613 2D50
-----------------------------------
echo 16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D212153574F444E49572045535520454D20454B414D204F54204847554F4E452059415020544F4E4E4143205345544147204C4C4942snlbxq | dc
-----------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.coova.org/pipermail/chilli/attachments/20070907/83d945be/attachment.pgp>
More information about the Chilli
mailing list