[169242] in North American Network Operators' Group
Re: random dns queries with random sources
daemon@ATHENA.MIT.EDU (Simon Perreault)
Wed Feb 19 11:33:33 2014
Date: Wed, 19 Feb 2014 11:32:49 -0500
From: Simon Perreault <simon.perreault@viagenie.ca>
To: nanog@nanog.org
In-Reply-To: <CD3825FE-5EF1-4AE7-A48F-B192E5E9ACD4@arbor.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Le 2014-02-19 11:28, Dobbins, Roland a écrit :
>> I am late to this train, but it appears no one else has brought this up. It is a DNS tunneling setup, not an attack.
>
> This makes a lot of sense - good insight, will look into this further!
I use this for free wi-fi in airports and such:
http://code.kryo.se/iodine/
If the wi-fi is configured to use an open resolver, we end up with the
situation you describe.
Simon
--
DTN made easy, lean, and smart --> http://postellation.viagenie.ca
NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
STUN/TURN server --> http://numb.viagenie.ca
