Learn, hack!

URL

http://events.ccc.de/congress/2004/fahrplan/files/297-black-ops-of-dns-slides.pdf

File name

297-black-ops-of-dns-slides.pdf

File size

3.7 MB

MD5

24c6bfe5c83ce9677ca47950fd53f540

SHA1

08adff2d4d151f50e67b0c09c65bf1fc6f69c571

DNS is best known for translating domain names into the numerical addresses the Internet can route. But it's capable of so much more. Ultimately, DNS is a globally deployed, routing, caching overlay network deployed across the entire Internet, both public and private. From traversing firewalls to the mass duplication of audio streams, we will demonstrate some unexpected features of this ancient system. The Domain Name System is a powerful, flexible, and integral part of the Internet. DNS's most common use is to translate names -- such as www.blackhat.com -- to addresses -- 216.231.63.34. But behind this deceptively simple operation lies a complex and interesting system, distributed widely but with a deeply centralized core. Though most commonly used to execute simple translations of the sort mentioned earlier, three aspects of the machinery lend themselves to more creative exploits. By creatively abusing the heirarchal, recursive, and cache-oriented nature of the multi-million-node DNS architecture, we can effect a range of unexpected functionality, including firewall penetration, bidirectional anonymous communication, large scale data transmission, and even "Voice over DNS".