Cat-DNS: a DNS server that resolves everything to cats

Transcript

1. MORE CATS
   THE INTERNET
   needs
   

   View Slide

2. View Slide

3. I’M MONICA
   @notwaldorf
   

   View Slide

4. DNS
   

   View Slide

5. DNS
   domeow name system
   

   View Slide

6. DNS
   GOOGLE.COM ☛ 74.125.226.134
   

   View Slide

7. CAT-DNS
   GOOGLE.COM ☛ cats? cats!!
   

   View Slide

8. View Slide

9. View Slide

10. EVEN?
    HOW DOES
    it
    

    View Slide

11. UDP
    USER DATAMEOW PROTOCOL
    

    View Slide

12. UDP
    it’s the honey badger
    

    View Slide

13. 8.8.8.8
    

    View Slide

14. 8.8.8.8
    800,000 rEq/sec
    

    View Slide

15. 8.8.8.8
    70 billion rEq/day
    

    View Slide

16. 8.8.8.8
    avg: 45 ms
    

    View Slide

17. CAT-DNS
    avg: 7 ms
    

    View Slide

18. CAT-DNS
    but only knows cats
    

    View Slide

19. so basically
    

    View Slide

20. www.images.google.com?
    YOU DNS
    

    View Slide

21. www.images.google.com?
    YOU DNS
    images.google.com
    TTL: 5 minutes
    ip: 74.125.226.104
    

    View Slide

22. DOMAIN Name Server
    RNS
    www.images.google.com?
    YOU
    

    View Slide

23. Recursive Name Server
    RNS
    www.images.google.com?
    YOU
    

    View Slide

24. RNS
    www.images.google.com? I DON’T KNOW BUT I CAN ASK
    YOU
    

    View Slide

25. ROOT
    RNS
    images.google.com?
    ROOT NAME SERVER
    YOU
    

    View Slide

26. ROOT
    RNS
    .com .org .biz
    I KNOW THE TLDS
    YOU
    images.google.com?
    

    View Slide

27. ROOT
    RNS
    .com
    ASK THE .COM SERVER
    YOU
    images.google.com?
    

    View Slide

28. ROOT
    RNS
    .COM
    YOU
    images.google.com?
    

    View Slide

29. ROOT
    RNS
    .COM
    I’M GETTING HUNGRY
    YOU
    

    View Slide

30. ROOT
    RNS
    .COM
    google yahoo imgur
    YOU
    images.google.com?
    

    View Slide

31. ROOT
    RNS
    .COM GOOGLE
    YOU
    images.google.com?
    

    View Slide

32. ROOT
    RNS
    .COM GOOGLE
    authoritative
    YOU
    images.google.com?
    

    View Slide

33. ROOT
    RNS
    .COM GOOGLE
    74.125.226.135
    YOU
    images.google.com?
    

    View Slide

34. 74.125.226.135
    ROOT
    RNS
    .COM GOOGLE
    YOU
    

    View Slide

35. ROOT
    RNS
    .COM GOOGLE
    YOU
    yay !
    

    View Slide

36. View Slide

37. CACHING
    ain’t no one got time
    

    View Slide

38. TTL
    time to live
    

    View Slide

39. browser cache
    chrome://net-internals/#dns
    

    View Slide

40. View Slide

41. WORKS FOR ME
    BUT not for you…wat?!
    

    View Slide

42. www.whatsmydns.net
    

    View Slide

43. DANGER ZONE
    what can go wrong?
    

    View Slide

44. DANGER ZONE
    cache poisoning
    

    View Slide

45. ROOT
    RNS
    .COM
    images.google.com?
    YOU
    

    View Slide

46. ROOT
    RNS
    .COM ☢
    YOU
    images.google.com
    TTL: 10000 minutes
    ip: 66.000.000.66
    images.google.com?
    

    View Slide

47. ROOT
    RNS
    .COM ☢
    YOU
    trololololololol
    images.google.com?
    

    View Slide

48. View Slide

49. THE RFC?
    DID YOU EVEN
    read
    

    View Slide

50. (no)
    

    View Slide

51. REALTALK
    1987 RFCS ARE PAINFUL RFCS
    

    View Slide

52. View Slide

53. your cat *
    how to spy
    on
    * if your cat is a DNS server
    

    View Slide

54. NSLOOKUP
    use: nslookup google.com
    

    View Slide

55. View Slide

56. View Slide

57. View Slide

58. DIG
    use: dig google.com
    

    View Slide

59. View Slide

60. View Slide

61. View Slide

62. View Slide

63. View Slide

64. View Slide

65. View Slide

66. View Slide

67. View Slide

68. View Slide

69. ❤
    

    View Slide

70. View Slide

71. 9:30 am
    yay, code!
    because
    

    View Slide

72. “I'LL OFTEN DROP
    DOWN TO NODE.JS IF I
    REALLY NEED TO BE
    CLOSE TO THE METAL”
    - SOMEONE ON HACKER NEWS
    

    View Slide

73. require(‘node-bitarray’)
    !
    require(‘buffer’).Buffer
    !
    require(‘dgram’)
    !
    require(‘ip’)
    

    View Slide

74. var dnsServer = dgram.createSocket('udp4');
    dnsServer.bind(53,'localhost');
    !
    dnsServer.on('message', function (msg, rinfo) {
    // Parse message.
    // Transmogrify into response.
    // Resolve to cat-service OR imgur.
    // Giggle.
    !
    dnsServer.send(=^_^=);
    }
    

    View Slide

75. var dnsServer = dgram.createSocket('udp4');
    dnsServer.bind(53,'localhost');
    !
    dnsServer.on('message', function (msg, rinfo) {
    // Parse message.
    // Transmogrify into response.
    // Resolve to cat-service OR imgur.
    // Giggle.
    !
    dnsServer.send(=^_^=);
    }
    

    View Slide

76. var dnsServer = dgram.createSocket('udp4');
    dnsServer.bind(53,'localhost');
    !
    dnsServer.on('message', function (msg, rinfo) {
    // Parse message.
    // Transmogrify into response.
    // Resolve to cat-service OR imgur.
    // Giggle.
    !
    dnsServer.send(=^_^=);
    }
    

    View Slide

77. var dnsServer = dgram.createSocket('udp4');
    dnsServer.bind(53,'localhost');
    !
    dnsServer.on('message', function (msg, rinfo) {
    // Parse message.
    // Transmogrify into response.
    // Resolve to cat-service OR imgur.
    // Giggle.
    !
    dnsServer.send(=^_^=);
    }
    

    View Slide

78. var dnsServer = dgram.createSocket('udp4');
    dnsServer.bind(53,'localhost');
    !
    dnsServer.on('message', function (msg, rinfo) {
    // Parse message.
    // Transmogrify into response.
    // Resolve to cat-service OR imgur.
    // Giggle.
    !
    dnsServer.send(=^_^=);
    }
    

    View Slide

79. var dnsServer = dgram.createSocket('udp4');
    dnsServer.bind(53,'localhost');
    !
    dnsServer.on('message', function (msg, rinfo) {
    // Parse message.
    // Transmogrify into response.
    // Resolve to cat-service OR imgur.
    // Giggle.
    !
    dnsServer.send(=^_^=);
    }
    

    View Slide

80. var dnsServer = dgram.createSocket('udp4');
    dnsServer.bind(53,'localhost');
    !
    dnsServer.on('message', function (msg, rinfo) {
    // Parse message.
    // Transmogrify into response.
    // Resolve to cat-service OR imgur.
    // Giggle.
    !
    dnsServer.send(=^_^=);
    }
    

    View Slide

81. imgur
    how to be a cat authority
    

    View Slide

82. View Slide

83. NO lessons
    some lessons
    are better than
    

    View Slide

84. what now?
    slow dns means less cats
    

    View Slide

85. what now?
    pick a faster one
    

    View Slide

86. what now?
    host your own? bind!
    

    View Slide

87. what now?
    get around geolocation
    

    View Slide

88. what now?
    https:// /notwaldorf/cat-dns
    

    View Slide

89. what now?
    STEALING WIFI JUST GOT WEIRD
    

    View Slide

90. @notwaldorf
    ❤
    

    View Slide