Reporting/fixing broken airport/hotel/etc wifi?

Ken Chase math at sizone.org
Fri Jul 14 22:13:13 CST 2017


port 53 seems to be the biggest hole available, no one figures that anyone
will send actual data over port 53, other than DNS! (and they [have to] leave
TCP open, because of the nice handywavy implimentations of dns lookups :)

some captive portals intercept all IP traffic regardless of dns, others
intercept the DNS first and give some captive IP target instead for your cnn.com
lookup. The former are easy to send data over. 

(the latter sometimes you can put your targets into your HOSTS[.txt] file and
get there, though today most webpages are 250 urls from 45 different domains,
so have fun.)

$ apt-cache search iodine
iodine - tool for tunneling IPv4 data through a DNS server

http://code.kryo.se/iodine/

Sshuttle looks great thanks

/kc


On Fri, Jul 14, 2017 at 06:02:10PM -0400, Eric Tykwinski said:
  >
  >> On Jul 14, 2017, at 5:04 PM, Ken Chase <math at sizone.org> wrote:
  >> 
  >> 
  >> This is exactly why i have SSHd on port 443 and 53 on one of my boxes/IPs. Once
  >> I got SSH sky's the limit on what I can fix/setup/tunnel.
  >> 
  >> /kc
  >> --
  >> Ken Chase - math at sizone.org Guelph Canada
  >
  >This is my usual workaround as well.  
  >Props to Avery Pennarun: http://sshuttle.readthedocs.io/en/stable/index.html
  >for making my life even easier.
  >

-- 
Ken Chase - math at sizone.org Guelph Canada


More information about the NANOG mailing list