[Unbound-users] Captive portal question
tim at matter2media.com
Fri Apr 23 10:23:14 UTC 2010
Thanks for pointing out a potential problem but obviously I wouldn't
have suggested this if I was aware of an attack.
If I've understood it correctly, to be useful DNS tunnelling is carried
out to a DNS server under the attacker's control. It's not clear to me
how they could do that. Say the attacker controls a DNS server at
example4.org. Assuming the scheme that I have defined (1-3 in my
original message) works, then when the attacker tries to resolve
example4.org, the request will be CNAMEd to example3.org, which I control.
So please explain what I am missing.
I'd also appreciate an answer to my original question :-). I'm sorry if
I'm being dense but I'm new to all of these configuration issues.
Sven Ulland wrote:
> On 2010-04-23 08:25, Tim Kindberg wrote:
>> 1. traffic to example1.org is to be resolved normally, i.e.
>> ultimately by the DNS server on the internet that the captive
>> portal machine knows about
> In other words, DNS tunnelling will work without restriction. Thanks
> for keeping this classic loophole available for the few that care to
> use it. Yes, I'm being sincere.
> Unbound-users mailing list
> Unbound-users at unbound.net
Matter 2 Media Ltd
e: tim at matter2media.com
m: +44 (0)7954 582814
t: +44 (0)117 9095221
More information about the Unbound-users