lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CACQ_HNokLW-xMJ-iPE3BbupQhmJr_ZdPFwTksv0gQsqW7cbVmw@mail.gmail.com>
Date: Fri, 7 Oct 2011 07:32:07 -0300
From: Marshall Whittaker <marshallwhittaker@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Verizon Wireless DNS Tunneling

I recently noticed that you can tunnel TCP through DNS (I used iodine) to
penetrate Verizon Wireless' firewall.  You can connect, and if you can hold
the connection long enough to make a DNS tunnel, then the connection stays
up, then use SSH -D to create a proxy server for your traffic. Bottom line
is, you can use the internet without paying. I made a video of it.  It can
be seen here:
http://www.youtube.com/user/Oxagast?blend=2&ob=5#p/u/0/X6oWESQMVd8 I tried
to contact Verizon on their security blog about it a few weeks ago at
http://securityblog.verizonbusiness.com/ however, I have not had a response.
 This technique still works as of this posting.  Maybe this will help them
get their act together ;-)

--oxagast

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ