

Awesome, less famous DNS trick by Dan Kaminsky: DNS source routing - shykes
http://www.ccc.de/congress/2004/fahrplan/files/297-black-ops-of-dns-slides.pdf

======
shykes
Summary: You can establish inbound IP traffic to a host inside a private
network, with _no IP to route to_, and _no DNAT setup_.

You do it by fooling the private network's local DNS resolver into relaying
traffic back and forth.

~~~
shykes
See slides 18 to 25 for the relevant part.

------
rarrrrrr
There was a Perl script for doing this called OzyManDNS which worked well.

Seems like the author's site is down, though. Does someone have a mirror?

~~~
shykes
You are referring to DNS tunneling, which is different.

With OzymanDNS your laptop can tunnel out to the net in spite of your hotel's
crappy gateway.

With DNS source routing anyone on the Net can _tunnel onto_ your laptop in
spite of it having no way to receive inbound IP traffic.

