Ip Over Dns

Ip over DNS will encapsulate all IP traffic inside DNS requests, allowing access to the internet behind captive portals( cafes, airports and such ). Captive portals usually block all traffic but they allow DNS requests to flow through as long as you can lookup host names, you can create your self a channel.

For this to work you need a couple of things,

  • A registered domain name ( suc as example.com )
  • DNS server (or a registerer that provides DNS service)
  • A machine on the outside that can run a fake DNS server.

Registerer Setup

Choose a subdomain for you domain, you need to create two DNS records. One NS and one A.

NS (Name Servers)

tunnel <---> ns-dtun.example.com

A (Host)

ns-dtun.example.com  <--->  67.222.1.241

The idea here is that all requests to a certain subdomain will be delegated to another nameserver which is running our fake DNS server. For this you need to be able to become root the server in order to run a fake DNS service.

Perl Setup

You need Perl in order to use ozymandns and a couple of extra modules.

Enter the CPAN shell:

perl -MCPAN -e shell 

To re-configure the environment:

conf init 

Upgrade CPAN:

perl -MCPAN -e 'install Bundle::CPAN' 

Install modules:

perl -MCPAN -e 'install MIME::Base32'
perl -MCPAN -e 'install Net::DNS'
perl -MCPAN -e 'install Digest::CRC' 

Server Setup

sudo ./nomde.pl -i 0.0.0.0 tunnel.example.com

Make sure your firewall allows port 53 in bound for TCP and UDP. Perl script crashes frequently so wrap it in a script that will re-run it in case of a crash.

Loop on Crash

#!/bin/sh

while [ 1 ]; do
 ps -ef | grep -v grep | grep nomde
 if [ \$? -eq 1 ]
  then
   ./nomde.pl -i 0.0.0.0 dtun.example.org
 else
  echo .eq 0 - daemon found - do nothing.
fi 
done

Save this file as start.sh and run it inside gnu screen so that the script will keep running after you log out from your machine.

Client Setup

On the client side, install same Perl modules as the server in addition to Perl you also need SSH. Using SSH's ProxyCommand, all comunication will be sent using droute.pl through our DNS channel to our server.

ssh -o ProxyCommand="./droute.pl sshdns.tunnel.example.com" -N -D 9999 -C user@localhost -v

This command will create a SOCKS proxy between our client and the server in order to use it you need software that is capable of comunicating through SOCKS.(such as Firefox) You can use a plugin such as FoxyProxy to switch proxy on the fly.

The connection is slow, but good enough for checking your email or surfing.

Legal Notice

Circumventing AP's access control's is probably considered to a crime depending on where you live. So behave don't be a jerk.

Further Reading