[169243] in North American Network Operators' Group
Re: random dns queries with random sources
daemon@ATHENA.MIT.EDU (Tempest)
Wed Feb 19 11:39:04 2014
In-Reply-To: <5304DCB1.4050408@viagenie.ca>
Date: Wed, 19 Feb 2014 08:38:03 -0800
From: Tempest <tempestterror@gmail.com>
To: Simon Perreault <simon.perreault@viagenie.ca>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Or if you tell your bots to use a set of open resolvers, it helps hide them
by a step.
On Wed, Feb 19, 2014 at 8:32 AM, Simon Perreault <
simon.perreault@viagenie.ca> wrote:
> Le 2014-02-19 11:28, Dobbins, Roland a =E9crit :
> >> I am late to this train, but it appears no one else has brought this
> up. It is a DNS tunneling setup, not an attack.
> >
> > This makes a lot of sense - good insight, will look into this further!
>
> I use this for free wi-fi in airports and such:
>
> http://code.kryo.se/iodine/
>
> If the wi-fi is configured to use an open resolver, we end up with the
> situation you describe.
>
> Simon
> --
> DTN made easy, lean, and smart --> http://postellation.viagenie.ca
> NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
> STUN/TURN server --> http://numb.viagenie.ca
>
>
