Name
Abstract | ||
|---|---|---|
Most networks are connected to the Internet through firewalls to block attacks from the outside and to limit communication initiated from the inside. Because of the limited, supposedly safe functionality of the Domain Name System protocol, its traffic is by and large neglected by firewalls. The resulting possibility for setting up information channels through DNS tunnels is already known, but all existing implementations require help from insiders to set up the tunnels. This paper presents a new Metasploit module for integrated penetration testing of DNS tunnels and uses that module to evaluate the potential of DNS tunnels as communication channels set up through standard, existing exploits and supporting many different command-and-control malware modules. |
Year | DOI | Venue |
|---|---|---|
2012 | 10.1007/978-3-642-37682-5_6 | ICISC |
Keywords | Field | DocType |
existing implementation,integrated penetration testing,safe functionality,resulting possibility,different command-and-control malware module,network penetration,dns tunneling,information channel,communication channel,domain name system protocol,dns tunnel,new metasploit module,tunneling,domain name system | Quantum tunnelling,Computer science,Domain Name System,Communication channel,Computer network,Implementation,Exploit,Malware,The Internet | Conference |
Citations | PageRank | References |
4 | 0.69 | 6 |
Authors | ||
7 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Daan Raman | 1 | 4 | 1.02 |
| Bjorn De Sutter | 2 | 783 | 60.65 |
| Bart Coppens | 3 | 99 | 8.98 |
| Stijn Volckaert | 4 | 74 | 8.74 |
| Koen De Bosschere | 5 | 1659 | 117.74 |
| Pieter Danhieux | 6 | 4 | 0.69 |
| Erik Van Buggenhout | 7 | 4 | 0.69 |