Home » » Tunnel trickery

Tunnel trickery

Unknown | 10:34:00 PM | 0 comments
I just added fraud-bridge to my github. It was worth
coding even if there exist a lot of DNS and ICMP
tunneling tools.

Features:

o tunneling of TCP-connections, keeping TCP-state
o via DNS: on UDP or UDP on IPv6
o via ICMP or ICMPv6
o HMAC (MD5) protecting of tunnel content
o transparently patching announced TCP-MSS to prevent
  fragmentation or DNS packet splitting
o using EDNS0 extension for DNS-tunneling to achieve good
  througput (larger DNS TXT-replies fit into one reply, honouring
  announced MSS)
o cope with bind9 limits/quota and still having good latency
  for interactive sessions and good throughput
o once started as root, continues to run as unprivileged user
  inside a chroot






If you want to know how a fraud-bridge looks like, check
current blog entry picture, taken during one of my lost-places
tours.
Share this article :

0 comments:

Post a Comment