Deep dive into DNS Tunneling

Gupta Bless
5 min read · Oct 8, 2023

Introduction

Cybercriminals use DNS tunneling to circumvent security measures. Using the DNS protocol, the attacker sends data that has nothing to do with DNS queries or responses. Once the security safeguards have been bypassed, attackers are able to exfiltrate sensitive data from the server.

In everyday conversation, it is perfectly acceptable to say something like “my friend saw you at the park.” But if we do not want anyone to see our real request, we can embed it in an ordinary-looking message, so that it appears to be about a meeting in the park. An attacker employs a DNS tunnel in the same way, to remain anonymous while stealing sensitive data from within the target firm. DNS tunneling is analogous to sending encrypted communications that appear to be harmless chatter: the tunnel is designed to keep secrets.
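
A defender can look for this pattern in resolver logs. The following added example (not code from the original article) flags clients that send many distinct query names with long or high-entropy labels to one parent domain; the log format, the thresholds and the sample names are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Thresholds are assumptions for this example; tune them on your own baseline.
MAX_LABEL_LEN = 40   # ordinary hostname labels are rarely this long
MIN_CHECK_LEN = 16   # skip entropy on short labels, where it is noisy
MIN_ENTROPY = 3.5    # bits per character; encoded payloads score high
MIN_DISTINCT = 3     # distinct data-like names per client and domain

# Constructed sample log: "<time> <client> <qtype> <qname>"
SAMPLE_LOG = """\
10:00:01 10.0.0.15 A www.example.com
10:00:02 10.0.0.15 A autodiscover.example.org
10:00:03 10.0.0.15 A a3f91c0e7b5d2468a3f91c0e7b5d2468.cdn.example.net
10:00:04 10.0.0.23 A a3f91c0e7b5d2468a3f91c0e7b5d2468.t.badzone.example
10:00:05 10.0.0.23 A 8642d5b7e0c19f3a8642d5b7e0c19f3a.t.badzone.example
10:00:06 10.0.0.23 A 0f1e2d3c4b5a69788796a5b4c3d2e1f0.t.badzone.example
""".splitlines()

def shannon_entropy(s):
    """Bits per character of the string's character distribution."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def parent_domain(qname):
    # Naive: last two labels. A real deployment should use the Public Suffix List.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def suspicious_label(qname):
    """True if any label left of the parent domain looks like encoded data."""
    labels = qname.rstrip(".").lower().split(".")[:-2]
    return any(
        len(l) >= MAX_LABEL_LEN
        or (len(l) >= MIN_CHECK_LEN and shannon_entropy(l) >= MIN_ENTROPY)
        for l in labels
    )

def find_tunnel_candidates(log_lines):
    """Return (client, domain, count) where a client sent many data-like names."""
    seen = defaultdict(set)
    for line in log_lines:
        _time, client, _qtype, qname = line.split()
        if suspicious_label(qname):
            seen[(client, parent_domain(qname))].add(qname.lower())
    return sorted((c, d, len(names)) for (c, d), names in seen.items()
                  if len(names) >= MIN_DISTINCT)

if __name__ == "__main__":
    for client, domain, count in find_tunnel_candidates(SAMPLE_LOG):
        print(f"{client} -> {domain}: {count} distinct data-like names")
```

The single hash-like name under cdn.example.net is not reported: one random-looking label is common for CDNs, so the check requires several distinct names from the same client before raising a candidate.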

How DNS tunneling bypasses network restrictions

Sometimes we find that certain online resources are restricted in public settings like schools and offices. In response, administrators at places like companies and schools have begun implementing firewalls and content filters…
