DNS Tunneling or Another Way to Get Free Internet in Airports/Cafes 

Many networks have restricted internet access Wireless access points in hotels and airports Censored Internet access in some countries Question: how can one get full internet acess? Idea: leverage one of the un ltered protocols 

DNS (Domain Name Server) Almost never ltered Cannot reply with wrong results because of cache Not designed for tunnelling data (has limitations) 

For DNS Tunneling are used NS and A records A record: maps hostname to 32-bit IPv4 address NS record: maps subdomain to a set of name servers 

How internet access is blocked 

How does DNS tunneling work? 

What is needed for DNS tunneling A DNS server that you can con gure (enough permissions to allow you control over port 53) Another server, one not running DNS Some software to facilitate it Client machine 

Existing implementations of DNS tunneling Iodine OzymanDNS Not supported anymore: dns2tcp NSTX 

What is iodine? 

Using iodine for DNS tunneling 

CLIENT: uses iodine to encapsulate Ipv4 traf c into DNS traf c and sends the entire traf c to a subdomain. SERVER: After the traf c has reached our subdomain, iodine running on our server converts it to normal traf c -> forward to queried domain iodine server gets a response back -> encapsulates the normal traf c into DNS -> sends it through the tunnel. The DNS traf c is allowed by the rewall and is able to reach the client. 

Downsides of DNS tunneling a bit more complicated setup the speed is very slow, as all data is sent inside DNS requests, which limits the amount in single packet and requires more packets to be sent. 

DNS tunneling, step by step check if DNS traf c is allowed. Try pinging any domain. If you get an IP-address in the reply section, then it means that DNS packets are allowed, because the query went to the DNS server and it returned back the IP-Address of the domain. Add 2 DNS entries: an "A" and a "NS" record "33.33.33.33" - IP address of your tunnel server "hostname.com" is the domain you control tunnel1 IN A 33.33.33.33 tunnelme IN NS tunnel1.hostname.com 

Con gure iodine on your server, then on the client Server iodined -f -c -P secretPassword22 192.168.99.1 tunnelme.hostname.com Client iodine -f -r 46.101.240.178 tunnelme.hostname.com Done! 

The end!