Slashdot | Dan Kaminsky Suggests Having Fun with DNS
There's a story over at Slashdot that covers a presentation from Dan Kaminsky (of Paketto Keiretsu fame) on some... very interesting ideas about using DNS as a communications channel for arbitrary data (in a similar fashion to tools like httptunnel).
Cool stuff this, 'cause it drives home the point that it's wrong to think of a network service as just a means of transferring a specific type of data: many of them can transfer any type of data you like, they're just usually used for a given type. Which does make the point that traditional security measures like firewalls become a lot less effective as soon as you allow even one protocol across them....
One other thing that occurred to me when reading the slides about transmitting ISO images using TXT records: I wonder what would happen if you caused a caching DNS server to run out of disk space by requesting lots of these records...
I would hope that it would just start purging the records in oldest first order, but I suppose it might DoS some servers...
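As an added illustration (not from the Slashdot story or Kaminsky's slides), here is a small Python check a defender might run over resolver query logs for the kind of TXT-record data channel described above: it flags domains whose TXT queries carry long, high-entropy labels. The log format, sample lines, domain split and thresholds are all constructed assumptions, not from the post.

```python
import math
from collections import defaultdict
# Constructed resolver query log (client, qtype, qname); not taken from the post.
SAMPLE_LOG = """\
10.0.0.5 A www.example.com
10.0.0.9 TXT _dmarc.example.com
10.0.0.5 TXT 0001.kz7ermgfu3ihbvc5aq4o2xywn6tjlspd.tun.example.org
10.0.0.5 TXT 0002.ermgfu3ihbvc5aq4o2xywn6tjlspdkz7.tun.example.org
10.0.0.5 TXT 0003.u3ihbvc5aq4o2xywn6tjlspdkz7ermgf.tun.example.org
10.0.0.7 MX example.com
10.0.0.9 TXT example.com
"""

def entropy(s):
    """Shannon entropy of s in bits per character (0.0 for the empty string)."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def split_name(qname):
    """Crude (registered domain, subdomain labels) split on the last two labels;
    a production tool would consult the public suffix list instead."""
    labels = qname.rstrip(".").split(".")
    return ".".join(labels[-2:]), labels[:-2]

def analyse(log_text, min_txt=3, min_label_len=20, min_entropy=3.0):
    """Per-domain TXT stats plus the domains whose TXT queries carry long,
    high-entropy labels, i.e. look like encoded data rather than hostnames."""
    stats = defaultdict(lambda: {"txt": 0, "label_lens": [], "max_entropy": 0.0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[1] != "TXT":
            continue
        domain, sub = split_name(parts[2])
        d = stats[domain]
        d["txt"] += 1
        if sub:
            longest = max(sub, key=len)  # the label most likely to hold payload
            d["label_lens"].append(len(longest))
            d["max_entropy"] = max(d["max_entropy"], entropy(longest))
    flagged = set()
    for domain, d in stats.items():
        mean_len = sum(d["label_lens"]) / len(d["label_lens"]) if d["label_lens"] else 0
        if d["txt"] >= min_txt and mean_len >= min_label_len and d["max_entropy"] >= min_entropy:
            flagged.add(domain)
    return dict(stats), flagged
print("suspect TXT channels:", sorted(analyse(SAMPLE_LOG)[1]))
```

The same per-domain TXT counts are also what you would watch if you were worried about the cache-exhaustion scenario above, since a burst of large TXT answers for one domain shows up in them first.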


raesene

Security Geek, Kubernetes, Docker, Ruby, Hillwalking