"Tunneling IP over DNS will be one of the biggest security risks of the future".
"Tunneling IP over DNS will be one of the biggest security risks of the future". Discuss.
N.B. This is a question from a past exam paper (BSc Computer Science) worth 20 marks.
Anyone? :)
Comment on ITstudent2006's post
Thanks for your reply. I am of course aware there is no specific answer, however that is not to say there is no answer, hence the forum it is posted on, hence my question, and hence the fact it was on a past exam paper.
I am having trouble with the word 'future', I am aware of current risks, however I am unsure of any future risks.
One last point, thank you for the link to the guidelines on homework, it was very useful. I could have been searching for 5 minutes, without finding it...
One final point, please use a dictionary to understand the word 'homework'. This is not homework, this is a past exam question, i.e. revision.
Thank you for your help, and for a pointer in the right direction.
Comment on ITstudent2006's post
Thank you for your reply and no sarcasm this time, I promise :) I do apologise for my obnoxious reply, but I am stressed with my up and coming exams and when I saw your reply it really didn't help with the already high stress levels, nevertheless I apologise.
Some examples would be, tunnelling IP over DNS at an internet café or airport (to evade paying, or to avoid the annoyance of advertisements); and tunnelling at a workplace if port 80/443 were blocked (or to 'help' evade detection).
I say 'help' as DNS traffic is not usually large (unless doing a zone transfer) so you'd have to send small bits of information to blend in and avoid detection. However, it could get flagged as large data (large buffer overflow) and suspicious traffic over DNS. Content inspection could also flag up HTTP traffic through port 53.
Running out of characters, continued...
Comment on ITstudent2006's post
... You are very kind to still offer your advice. Although I feel undeserving of it, it would be stupid for me to turn it down.
NeedKarma: Check the link below; it's a good presentation from Avaya. I've also included a link to Google's cache, in case you are understandably sceptical of my .ppt link.
http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-kaminsky/bh-us-04-kaminsky.ppt
http://docs.google.com/viewer?a=v&q=cache:uKHZ1UtC6GwJ:www.blackhat.com/presentations/bh-usa-04/bh-us-04-kaminsky/bh-us-04-kaminsky.ppt+%22to+find+addresses+in+.doxpara.com,+and+.doxpara.com+says+where+to+find+%22&hl=en&gl=uk&pid=bl&srcid=ADGEESjsBKGk6HOIkYzMy9UiniFW3ecx7X3jgGqLk65Ik03uZN3s-LiTuW-Yf1NnoaCpcmjyIXYWpoI5Ky3rdJySmzwSuamNfpZo0yl8RL7Mul9ZgT-cOCoRwCtJ7W6f39g0ifk_vXoh&sig=AHIEtbSdVmu_kNNYiRXawTOPOct5J-Tkug
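The comment above notes that ordinary DNS traffic is small, so tunnelled traffic risks being flagged. As an added example that is not part of the original thread, here is one way a defender could apply that observation to a query log, flagging domains whose subdomains are numerous, long and high in entropy. The sample names, thresholds and function names are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample query names (not from the thread). The tunnel.example
# names imitate encoded payload chunks; the others are ordinary lookups.
SAMPLE_QUERIES = [
    "www.example.com", "mail.example.com", "www.example.org",
    "mzxw6ytboi2gk3tdn5sgk4q7nbuw4zlsmvzxi2lom4.t.tunnel.example",
    "onxw2zjaon2hezlomnqwyidcmfzwkirbnfxgo5dfoq.t.tunnel.example",
    "kbqxg43xn5zgiidjomqgc3ramvwgk3lfnz2ca2loeb.t.tunnel.example",
    "nfzsa5dimuqhgzldojsxiidpmyqhi2dfebrw63lqmf.t.tunnel.example",
]

def entropy(s):
    """Shannon entropy of a string, in bits per character."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def base_domain(name, labels=2):
    """Naive registered-domain guess: the last two labels (assumption; a
    real deployment would consult the Public Suffix List)."""
    return ".".join(name.rstrip(".").lower().split(".")[-labels:])

def suspicious_domains(queries, min_unique=4, min_len=30, min_entropy=3.5):
    """Return domains whose subdomains are numerous, long and high-entropy."""
    per_domain = defaultdict(set)
    for q in queries:
        dom = base_domain(q)
        sub = q.rstrip(".").lower()[: -len(dom)].rstrip(".")
        if sub:
            per_domain[dom].add(sub)
    flagged = {}
    for dom, subs in per_domain.items():
        mean_len = sum(len(s) for s in subs) / len(subs)
        mean_ent = sum(entropy(s) for s in subs) / len(subs)
        # All three signals must agree, which keeps CDN-style names with
        # a few long labels from being flagged on length alone.
        if len(subs) >= min_unique and mean_len >= min_len and mean_ent >= min_entropy:
            flagged[dom] = {"unique": len(subs), "mean_len": round(mean_len, 1),
                            "mean_entropy": round(mean_ent, 2)}
    return flagged

if __name__ == "__main__":
    print(suspicious_domains(SAMPLE_QUERIES))
```

A tunnel that sends small, slow chunks to blend in, as the comment suggests, lowers the length signal but still accumulates unique subdomains over time, so the window of queries examined matters as much as the thresholds.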
Comment on ITstudent2006's post
Security flaws or issues could be firstly in regards to confidentiality: company confidential or sensitive information could be leaked. Secondly, malware could be brought in (if the person is a rogue insider they may be able to disable AV, IPS etc, or the chances being they won't need to tut tut, or the organisation may have devices that cannot be patched). Thirdly, if there are many users that do not have access to browse the internet, and they were to use IP over DNS it could have a negative impact on any bandwidth SLAs, which could of course have many detrimental ramifications. Fourthly, they could be breaching other policies by accessing porn, etc.
Running out of characters, continued...
Comment on ITstudent2006's post
... Are you suggesting that an appropriate way to answer this question, if it were to come up in my exam, would be to state current issues BUT ALSO to state how they could get worse as time goes on in regards to advancements in NSTX and the widespread use of iPhones coupled with the availability of Iodine on such devices?
Thank you for your time.
Comment on ITstudent2006's post
Excellent, thank you for your help.