Linux Today: Linux News On Internet Time.

UDP Tunneling to avoid hotspot or firewall restrictions

Feb 26, 2010, 20:33
(Other stories by Adam Palmer)


[ Thanks to Adam for this link. ]

"UDP tunneling is an attack that is often overlooked when manufacturers design wireless hotspot and other firewall/proxy based devices.

"When you try and resolve a domain name, you make a request to a name server on UDP port 53. The way that a lot of wireless hotspots, firewalls and proxies work is that your DNS request is allowed out, you get the IP for the machine you’re looking for, and then your request to the IP is redirected to the wireless hotspot login page, or through a web proxy server.

"The problem is that all port 53 UDP traffic is allowed out to anywhere, without any kind of authentication. You can therefore install OpenVPN on a remote server which by default listens in on UDP port 1194. You can change this with one configuration option to 53, and then edit your client config to connect to the server on port 53 instead."
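From the gateway's side, the gap the excerpt describes closes when UDP port 53 is allowed only to approved resolvers and only for datagrams that parse as DNS queries. The sketch below is an added example, not code from the linked article or from any hotspot product; the function names, the resolver address and both sample datagrams are constructed assumptions.

```python
import struct

def looks_like_dns_query(payload: bytes) -> bool:
    """True only if the payload parses as one well-formed standard DNS query."""
    if len(payload) < 17:              # 12-byte header + root name + QTYPE/QCLASS
        return False
    _id, flags, qd, an, ns, ar = struct.unpack(">6H", payload[:12])
    if flags & 0x8000 or (flags >> 11) & 0xF:   # QR must be 0 (query), opcode 0
        return False
    if qd != 1 or an or ns or ar > 1:           # one question, optional EDNS OPT
        return False
    pos, name_len = 12, 0
    while True:                                 # walk the QNAME labels
        if pos >= len(payload):
            return False
        length = payload[pos]
        pos += 1
        if length == 0:                         # root label ends the name
            break
        if length > 63:                         # pointer or oversized label
            return False
        pos += length
        name_len += length + 1
        if name_len > 254:                      # 255-byte name limit incl. root
            return False
    pos += 4                                    # QTYPE + QCLASS
    if pos > len(payload):
        return False
    return ar == 1 or pos == len(payload)       # no trailing bytes without OPT

def egress_decision(dst_ip: str, payload: bytes, resolvers: frozenset) -> str:
    """Hypothetical policy hook for unauthenticated clients sending to UDP/53."""
    if dst_ip not in resolvers:
        return "drop: destination is not an approved resolver"
    if not looks_like_dns_query(payload):
        return "drop: payload is not a DNS query"
    return "allow"

# Constructed sample data (documentation address ranges, made-up bytes).
RESOLVERS = frozenset({"192.0.2.53"})
DNS_QUERY = (struct.pack(">6H", 0x1234, 0x0100, 1, 0, 0, 0)
             + b"\x07example\x03com\x00" + struct.pack(">2H", 1, 1))
# Non-DNS datagram: first byte 0x38 is OpenVPN's client hard-reset opcode,
# followed by constructed filler bytes.
NON_DNS = bytes([0x38]) + bytes(range(0xA1, 0xA9)) + bytes(11)

if __name__ == "__main__":
    for dst, data in [("192.0.2.53", DNS_QUERY), ("203.0.113.10", DNS_QUERY),
                      ("192.0.2.53", NON_DNS)]:
        print(dst, len(data), egress_decision(dst, data, RESOLVERS))
```

The destination restriction is the control that addresses "allowed out to anywhere"; the payload check covers the case where an approved resolver address is reachable but the traffic is not DNS.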
