What is a DNS tunnel?
- A technique for tunnelling IPv4 data through a DNS server, inside ordinary DNS queries and responses.
Why do we use a DNS tunnel?
- We use a DNS tunnel when our internet access is blocked by a firewall but DNS queries are still allowed (e.g. in an office or on a public hotspot).
Requirements:
- Ubuntu PC
- Iodine package
- Windows PC to test the tunnel
- Domain name
How to do it?
- Install the Iodine package.
# apt-get install iodine
- Modify the DNS zone by adding records that delegate the subdomain t1.id-ebook.com to the tunnel server:
t1 IN NS t1ns.id-ebook.com.
t1ns IN A 202.130.222.111
IP address 202.130.222.111 is the server where Iodine will run.
- Run the Iodine server.
# iodined -f -p 5353 10.0.0.1 t1.id-ebook.com
We use port 5353 because port 53 is already in use by the DNS server on this host. That is why we have to forward the incoming port 53 traffic to Iodine using iptables.
# iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to :5353
- On another PC running Windows XP, download the Iodine software from http://code.kryo.se/iodine/. Extract it and run the Iodine client.
C:\iodine\bin>iodine -f -r 202.130.222.111 t1.id-ebook.com
- Test the connection by pinging each end of the tunnel.
In server:
# ping 10.0.0.2
In client:
C:\iodine\bin>ping 10.0.0.1
- To enable internet access, activate IP forwarding and IP masquerading on the server.
# echo 1 > /proc/sys/net/ipv4/ip_forward
# iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
- To change the default gateway on the client (Windows XP), run the ROUTE command.
(run command prompt as Administrator)
C:\iodine\bin>route delete 0.0.0.0
C:\iodine\bin>route add 0.0.0.0 mask 0.0.0.0 10.0.0.1
- Test by browsing to google.com or yahoo.com.
- Finish.
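The setup above leaves a recognisable footprint in a resolver's query log: a burst of distinct, long, random-looking leftmost labels under one delegated zone, often with NULL or TXT record types. As an added example (not from this page or the iodine project), here is a small Python detector a network defender could run over such a log. The log format, the thresholds, and grouping by the last two labels of the name are assumptions; the sample log is constructed.

```python
import math
from collections import defaultdict

# Constructed sample log in an assumed "time client qtype qname" format (not real traffic).
SAMPLE_LOG = """\
10:00:01 192.168.1.10 A www.example.com
10:00:02 192.168.1.10 A mail.example.com
10:00:03 192.168.1.12 NULL pzq8kv2mc7xr1yht4bwn3dls.t1.id-ebook.com
10:00:03 192.168.1.12 NULL rk4xm9pqz7bc1vwd2hls5tyn.t1.id-ebook.com
10:00:04 192.168.1.12 NULL x3wpq1lk8mv7zrt5cdh2nybs.t1.id-ebook.com
10:00:04 192.168.1.12 NULL bm2tz5kq9rc4lhp8vyx1wdns.t1.id-ebook.com
10:00:05 192.168.1.12 NULL hd7rp3xv1mq8zk4tcy2lbwsn.t1.id-ebook.com
"""
ODD_QTYPES = {"NULL", "TXT"}  # record types ordinary clients rarely ask for

def shannon_entropy(s):
    """Bits per character of s; encoded payload labels score high."""
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values()) if n else 0.0

def zone_of(qname):
    return ".".join(qname.split(".")[-2:])  # assumption: last two labels, no PSL

def score_zones(log_text, min_unique=4, min_entropy=3.5, min_label_len=20):
    """Per-zone stats; a zone is 'suspicious' when two or more signals fire."""
    zones = defaultdict(lambda: {"names": set(), "ent": [], "len": [], "odd": 0})
    for line in filter(None, log_text.splitlines()):
        _time, _client, qtype, qname = line.split()
        qname = qname.lower().rstrip(".")
        left = qname.split(".")[0]  # leftmost label carries the tunnel payload
        z = zones[zone_of(qname)]
        z["names"].add(qname)
        z["ent"].append(shannon_entropy(left))
        z["len"].append(len(left))
        z["odd"] += qtype.upper() in ODD_QTYPES
    report = {}
    for zone, z in zones.items():
        n, reasons = len(z["ent"]), []
        if len(z["names"]) >= min_unique and sum(z["ent"]) / n >= min_entropy:
            reasons.append("many distinct high-entropy labels")
        if sum(z["len"]) / n >= min_label_len:
            reasons.append("long leftmost labels")
        if z["odd"]:
            reasons.append("%d/%d NULL/TXT queries" % (z["odd"], n))
        report[zone] = {"unique_names": len(z["names"]), "reasons": reasons,
                        "suspicious": len(reasons) >= 2}
    return report
```

On the sample log, id-ebook.com is flagged on all three signals while example.com is not; on real data, tune the thresholds against a baseline of your own resolver's traffic.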
Reference: Iodine