On Robust Covert Channels Inside DNS

Lucas Nussbaum 1 Pierre Neyron Olivier Richard 1
1 MESCAL - Middleware efficiently scalable
Inria Grenoble - Rhône-Alpes, LIG - Laboratoire d'Informatique de Grenoble
Abstract : Covert channels inside DNS allow evasion of networks which only provide a restricted access to the Internet. By encapsulating data inside DNS requests and replies exchanged with a server located outside the restricted network, several existing implementations provide either an IP over DNS tunnel, or a socket-like service (TCP over DNS). This paper contributes a detailed overview of the challenges faced by the design of such tunnels, and describes the existing implementations. Then, it introduces TUNS, our prototype of an IP over DNS tunnel, focused on simplicity and protocol compliance. Comparison of TUNS and the other implementations showed that this approach is successful: TUNS works on all the networks we tested, and provides reasonable performance despite its use of less efficient encapsulation techniques, especially when facing degraded network conditions.
Type de document :
Communication dans un congrès
24th IFIP International Security Conference, May 2009, Pafos, Cyprus. 2009
Liste complète des métadonnées

Littérature citée [6 références]  Voir  Masquer  Télécharger

Contributeur : Lucas Nussbaum <>
Soumis le : jeudi 22 octobre 2009 - 14:30:41
Dernière modification le : jeudi 11 octobre 2018 - 08:48:02
Document(s) archivé(s) le : mardi 16 octobre 2012 - 12:35:47


Fichiers produits par l'(les) auteur(s)


  • HAL Id : inria-00425616, version 1



Lucas Nussbaum, Pierre Neyron, Olivier Richard. On Robust Covert Channels Inside DNS. 24th IFIP International Security Conference, May 2009, Pafos, Cyprus. 2009. 〈inria-00425616〉



Consultations de la notice


Téléchargements de fichiers