Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 95 lines (55 sloc) 2.309 kb
ddba0087 »
2009-11-26 wat. and y.
1
47ff4cdd »
2011-06-16 Update README
2 ## WHAT IS IT?
ddba0087 »
2009-11-26 wat. and y.
3
4 sods is a socket over dns server that uses the DNS to tunnel data. sods
5 includes a small, portable client (sdt) and ds, a utility to scan for
6 DNS servers that support recursion.
7
8 The protocol is interoperable with OzymanDNS
47ff4cdd »
2011-06-16 Update README
9 (<http://lmgtfy.com/?q=OzymanDNS>).
ddba0087 »
2009-11-26 wat. and y.
10
11
47ff4cdd »
2011-06-16 Update README
12 ## WHAT DO I NEED TO BUILD IT?
ddba0087 »
2009-11-26 wat. and y.
13
14 Not much. OpenSSL is optional, if your OS doesn't support
15 arc4random().
16
0dc547b2 »
2010-02-06 nits
17 sods has been built on Ubuntu Linux, Maemo, OpenWRT, Mac OS X and
47ff4cdd »
2011-06-16 Update README
18 Solaris.
ddba0087 »
2009-11-26 wat. and y.
19
20
47ff4cdd »
2011-06-16 Update README
21 ## HOW DO I BUILD IT?
ddba0087 »
2009-11-26 wat. and y.
22
47ff4cdd »
2011-06-16 Update README
23 ### Server
ddba0087 »
2009-11-26 wat. and y.
24
47ff4cdd »
2011-06-16 Update README
25 cd sods
26 ./configure
27 # adjust the Makefile
28 make
ddba0087 »
2009-11-26 wat. and y.
29
47ff4cdd »
2011-06-16 Update README
30 ### Client
ddba0087 »
2009-11-26 wat. and y.
31
47ff4cdd »
2011-06-16 Update README
32 cd sdt
33 ./configure
34 # adjust the Makefile
35 make
ddba0087 »
2009-11-26 wat. and y.
36
37
47ff4cdd »
2011-06-16 Update README
38 ## HOW DO I RUN IT?
ddba0087 »
2009-11-26 wat. and y.
39
47ff4cdd »
2011-06-16 Update README
40 # In the sods directory
41 sudo ./sods -vvvv -d /tmp -L 127.0.0.1:22 a.example.com # if you have an SSH server on localhost
42
43 # In the sdt directory
44 ssh -o ProxyCommand="./sdt -r 127.0.0.1 sshdns.a.example.com" 127.0.0.100
45
46 # As a TCP proxy
47 ./sdt p 23233 -r 127.0.0.1 sshdns.a.example.com
48 ssh -p 23233 localhost # for OpenSSH
4948cdc2 »
2010-04-25 Allow clients to connect using TCP
49
50 The sods client works best with GNU screen installed on your shell
51 server (see the scripts directory for an example of a script to
52 reconnect if the connection is dropped).
ddba0087 »
2009-11-26 wat. and y.
53
54
47ff4cdd »
2011-06-16 Update README
55 ## WHY WOULD I WANT TO USE IT?
ddba0087 »
2009-11-26 wat. and y.
56
4948cdc2 »
2010-04-25 Allow clients to connect using TCP
57 sods is tiny, easily ported and fast. Well, sort of fast, for a
58 tunnel going over DNS. Which means not really very fast.
ddba0087 »
2009-11-26 wat. and y.
59
60 sods has a few tricks to get around network limitations.
61
62 Some ways to use sods:
63
64 * use of gated internet access that allow DNS queries, like those found
65 in airports, coffee shops, restaurants and hotels, when you just need
66 quick SSH access
67
68 * to bypass firewall port or proxy filtering and snooping
69
70 * penetration testing: bypass strict access controls on outgoing
71 connections on secure networks
72
73 * have fun with anyone doing traffic analysis on your network usage
74
75
47ff4cdd »
2011-06-16 Update README
76 ## FEATURES
ddba0087 »
2009-11-26 wat. and y.
77
78 * use TXT, CNAME or NULL records to encapsulate data
79
80 * supports multiple forwarded sessions (use multiple "-L" option)
81
82 * round robin packets between name servers
83
0dc547b2 »
2010-02-06 nits
84 * bounce connections off of public recursive name servers (-r random)
ddba0087 »
2009-11-26 wat. and y.
85
86 * dynamic backoff/throttling of client
87
4948cdc2 »
2010-04-25 Allow clients to connect using TCP
88 * client can use be used as a pipe (for OpenSSH) or as a TCP proxy (for other ssh clients)
89
ddba0087 »
2009-11-26 wat. and y.
90
47ff4cdd »
2011-06-16 Update README
91 ## TODO
ddba0087 »
2009-11-26 wat. and y.
92
93 * remove hardcoded options and use define, e.g., nobody/nogroup
94
4948cdc2 »
2010-04-25 Allow clients to connect using TCP
95 * multiplex connections to the TCP proxy
Something went wrong with that request. Please try again.