OzymanDNS is a set of Perl scripts (open source) written by Dan Kaminsky in 2005. It was written as a sample implementation of a DNS Tunnel for the Blackhat Europe 2005 conference. So there exists only a 0.1 version. However, OzymanDNS is one of the most common programs to tunnel something (in this case SSH) over DNS. Other programs include DNS2TCP, NSTX, DNScat, iodine and PingTunnel/ptunnel.
The package includes:
- aska.pl - DNS File/Stream Sender
- droute.pl - Reliable DNS Transport for standard input/output
- geta.pl - DNS File/Stream Receiver
- glance.c - Some kind of library
- nomde.pl - Experimental DNS Server
Install on a server
- You need a server with a static IP
- Download and extract ozymandns_src_0.1.tgz from doxpara.com or mirror at cship.info
- start the server with
sudo ./nomde.pl -i 172.23.112.14 tunnel.example.com.
where "172.23.112.14" is your static IP and "tunnel" is kind of a password so that not everybody can use your DNS tunnel.
- Add this
tunnel IN NS 172.23.112.14
to your Nameserver config file. If you can not edit it you can use the free service from dnstunnel.de.
Install on a windows client
- Download and extract DNS-tunnel.zip from http://www.cship.info/mirror/dnstunnel/Dns-tunnel.zip
- Start putty, go to "Connection" --> "Proxy" and check "local" and "Consider proxying local host connections".
Enter in the "Telnet command, or local proxy command" box:
droute.exe -r 22.214.171.124 sshdns.tunnel.example.com
- Now go to the "Connection" --> "SSH" window an check "Enable compression".
- Go to the "Session" window and enter "domain.invalid" as a domain name and 22 as the port.
- Click on "open" and enter your username and password.
- You are now connected via SSH to the server and can use the socks5 proxy to surf, just like normal Port forwarding.