Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

A Public DNS/ICMP Tunneling Service for evading filters, paywalls and firewalls
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

A Public DNS/ICMP Tunneling Service for evading filters, paywalls and firewalls

joepie91joepie91 Member, Provider
edited September 2015 in General

Figured some people here might be interested :)

This is a public DNS/ICMP tunnel server, through which you can proxy to the internet to evade stupid filters, firewalls, and other nonsense getting in the way of your internet use. All outbound traffic is routed over the Tor Anonymity Network, for obvious reasons of me not wanting to get over nine thousand abuse mails over whatever shit you put through this tunnel. You may find this tunnel useful for things like getting past WiFi paywalls, and the likes.

Site is here.

Tagged:

Comments

  • Oh nice is there a link?

  • joepie91joepie91 Member, Provider

    Posted a little too fast, I updated the post with a link :)

  • Any experience about connection speed?

    (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

    ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

  • 4n0nx said: Any experience about connection speed?

    My guess is it'd be vaguely reminiscent of dial-up Internet, for those of us old enough to recall that age.

  • jarjar Provider
    edited September 2015

    Nice find! Certain times I've always wanted to try it for curiosity, but never wanted to do the leg work.

  • SplitIceSplitIce Member, Provider

    While an interesting idea I cant help but think about the potential DDoS magnet they are.

    Additionally with egress over TOR, thats a pretty hefty limit on speed. Dont know if it could be all that usable as a result.

    X4B - DDoS Protection: EU & US affordable DDoS protection including Layer 7 mitigation.
    Latest Offer: 1TB and 2TB Anycast DDoS Protection (March Madness)
  • That's what's the ultimate email spam protection is the guy notes his email as: python -c 'print "c2t5aGlnaGF0cmlzdEB0Znduby5nZg==".decode("base64")'

    Go give Vultr(referral) a try. | GNU/Linux http://debian.org

    Thanked by 1ehab
  • joepie91joepie91 Member, Provider

    @SplitIce said: While an interesting idea I cant help but think about the potential DDoS magnet they are.

    Additionally with egress over TOR, thats a pretty hefty limit on speed. Dont know if it could be all that usable as a result.

    Tor can be surprisingly fast. Speeds along the lines of 100KB/sec are not unusual.

    As for being a DDoS magnet - all outbound traffic goes over Tor, so the tunnel server IP doesn't ever appear anywhere. That should keep it from getting attacked.

  • SplitIceSplitIce Member, Provider

    @joepie91 You connect to a DigitalOcean VM. Tor does nothing to hide the ICMP/DNS proxy server.

    # host dnstun.com
    dnstun.com has address 178.62.112.71
    
    X4B - DDoS Protection: EU & US affordable DDoS protection including Layer 7 mitigation.
    Latest Offer: 1TB and 2TB Anycast DDoS Protection (March Madness)
  • joepie91joepie91 Member, Provider

    SplitIce said: @joepie91 You connect to a DigitalOcean VM. Tor does nothing to hide the ICMP/DNS proxy server.

    Of course. But why would that attract DDoS? The only way proxy servers usually end up being DDoS magnets, is by people causing drama and appearing to connect from that proxy.

  • Paywalls on WiFi are fences erected by the rich to exploit the poor

    Told that to the grocery shop while holding a banana but he didn't budge.

    Thanked by 1netomx
  • @deadbeef said: Paywalls on WiFi are fences erected by the rich to exploit the poor

    Told that to the grocery shop while holding a banana but he didn't budge.

    Was the banana still there after you took it?

    Thanked by 1netomx
  • deadbeefdeadbeef Member
    edited September 2015

    @elwebmaster said: Was the banana still there after you took it?

    My wife takes care of the banana issues in our household.

  • I will probably never try it and then wish I had next time I am faced with a paywall.

    deadbeef said: Paywalls on WiFi are fences erected by the rich to exploit the poor

    Well they kind of are, right? The stakeholders want a steady return on their investment. But who would pay for Wi-Fi...

    (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

    ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

    Thanked by 1deadbeef
  • deadbeefdeadbeef Member
    edited September 2015

    @4n0nx said: I will probably never try it and then wish I had next time I am faced with a paywall.

    Yeah, ok - but it's one thing to grab a lemon from the tree in your neighbors yard and a whole other level to curse him for "exploiting" you by not knocking your door to offer you that lemon because you (the general "you", not you) deserve it.

    But who would pay for Wi-Fi...

    Those who want to use it? :|

  • SplitIceSplitIce Member, Provider

    @joepie91 said: Of course. But why would that attract DDoS? The only way proxy servers usually end up being DDoS magnets, is by people causing drama and appearing to connect from that proxy.

    Who looses something as a result of the service? The answer is obvious.

    And actually that was the first place I looked for the IP. Getting the IP from egress is pretty much just people doing gaming (i.e XBox Live / PSN DDoS of gamer clients) which isnt really applicable.

    X4B - DDoS Protection: EU & US affordable DDoS protection including Layer 7 mitigation.
    Latest Offer: 1TB and 2TB Anycast DDoS Protection (March Madness)
  • @deadbeef said: Those who want to use it? :|

    I asked you a question about the example with the grocery store you gave earlier, but you chose to make a meaningless comment instead of replying.

    Fruits, like bananas and apples, are not the same as data, they are physical objects, once you take it, it's gone. In the case of wireless paywalls, whether you use the service or not, it's still there. Particularly the OP's setup with low bandwidth has practically no impact on a high speed connection.

    On the other hand, the providers of these paywall services are exploiting the public good: wireless spectrum designated for private use. Unlike mobile internet service providers, paywall WiFi ventures do not lease dedicated spectrum from the government, but instead piggyback on the public WiFi frequencies. In doing so they cause interference for legitimate users of the shared WiFi channels, for example mobile hotspots with considerably less powerful transmitters.

    Thus, we can say that paywalls on public WiFi frequencies are fences erected by the rich to exploit the poor by interfering with their designated WiFi spectrum and by reselling a public good (WiFi signal) without reimbursing the public (by means of leasing spectrum for commercial use from the government).

  • deadbeef said: Those who want to use it? :|

    Isn't 3G cheaper..?

    (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

    ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

  • @4n0nx said: Isn't 3G cheaper..?

    Depends on the country. Some countries have outrageous mobile data pricing.

  • netomxnetomx Member, Moderator

    @telephone said: Depends on the country. Some countries have outrageous mobile data pricing.

    I got a promotion on my 3G network.... 3g network, unlimited data* for $6 USD :P

    • Up to 25GB, then they will lower it to 64kbps
  • This could come in handy when 3g isn't available. I was on a cruise recently and there were no mobile networks in the middle of the ocean, but DNS tunneling worked (although slow as molasses, partly due to the WiFi itself being slow).

    If you're traveling to another country in general you likely won't have access to local mobile networks unless you get a SIM, so this comes in quite handy.

    Thanked by 1linuxthefish
  • free is good. looking forward to fusion power.

  • too much work to do on android. hopefully someone may build apk for this.

    Thanked by 1netomx
  • deadbeefdeadbeef Member
    edited September 2015

    @elwebmaster said: I asked you a question about the example with the grocery store you gave earlier, but you chose to make a meaningless comment instead of replying.

    Serious questions get serious answers. You didn't bother previously to write something like you did this time but chose to leave me to divine what exactly you meant, so you got an appropriate response to that. Now, I'll be happy to point out the fallacy in your line of thought.

    Fruits, like bananas and apples, are not the same as data, they are physical objects, once you take it, it's gone. In the case of wireless paywalls, whether you use the service or not, it's still there. Particularly the OP's setup with low bandwidth has practically no impact on a high speed connection.

    First of all, there are no public goods. But for the sake of the argument, let us suppose a public good exists - let's say it's a fountain of nutella and since it's a public good, all you have to do is go there, unleash your spoon and do your thing (you take it but it's "not gone").

    Now, that nutella fountain is located 50 miles from your city. People use their cars to get there, but unfortunately you do not own one. Obviously, your neighbor's car is not a public good. Are you justified in stealing his car in order to visit to the nutella fountain? Or should you save enough money to buy a ticket to ride the bus?

    On the other hand, the providers of these paywall services are exploiting the public good: wireless spectrum designated for private use.

    This is a separate question from my argument, I am really surprised by you writing this. If a spectrum is a "public good", then its use has no reason to be restricted. For example, air. Should the government forbid you from bottling air and selling it?

    Unlike mobile internet service providers, paywall WiFi ventures do not lease dedicated spectrum from the government, but instead piggyback on the public WiFi frequencies. In doing so they cause interference for legitimate users of the shared WiFi channels, for example mobile hotspots with considerably less powerful transmitters.

    (ignoring my point above) Suppose this is true - they are violating the property rights of the government. Say a seller of hotdogs sells his wares on a public pavement. And he is certainly causing interference for pedestrians who walk on that pavement. Now, what is the proper response to that violation?

    • Grab some of the hotdogs and eat them yourself
    • Notify the owner of the pavement about the property violation occurring there
    Thanked by 1ricardo
  • Anyone got an easy tutorial for Android that would be perfect

  • I found many such paywalls/login blocks allowing all UDP traffic through port 53. That would allow for a pretty stable openvpn connection. I tried DNS Tunnel, but too slow (2G speeds)

  • elwebmaster said: Was the banana still there after you took it?

    Nor is the bandwidth. I pay my ISP for a certain quantity. I'd really like it if they didn't charge, but haven't found a way around that yet. If someone else uses up all my bandwidth, I can't use it at the same time. If someone uses up my 40GB monthly allowance, I have to come up with more money for my own use of the service. So, the bottom line is that if someone uses my wifi resources, the part they use is NOT still there.

  • joepie91joepie91 Member, Provider

    Ole_Juul said: Nor is the bandwidth. I pay my ISP for a certain quantity. I'd really like it if they didn't charge, but haven't found a way around that yet. If someone else uses up all my bandwidth, I can't use it at the same time. If someone uses up my 40GB monthly allowance, I have to come up with more money for my own use of the service. So, the bottom line is that if someone uses my wifi resources, the part they use is NOT still there.

    WiFi paywalls are typically used by businesses, not individuals. To my knowledge, business plans are not capped on traffic in most (Western) countries.

    Thanked by 1linuxthefish
  • joepie91 said:To my knowledge, business plans are not capped on traffic in most (Western) countries.

    Here's one quote from an Canadian ISP:

    *Business Package: $54.95 per month **Bandwidth up to 3.5 Mbps (75 gig traffic limit; overusage charge at $5.00 per gig.)

    *Large Business Package: $74.95 per month **Bandwidth up to 5.0 Mbps (150 gig traffic limit; overusage charge at $5.00 per gig.)

  • netomxnetomx Member, Moderator

    @Ole_Juul said:

    $74.95 per month **Bandwidth up to 5.0 Mbps (150 gig traffic limit; overusage charge at $5.00 per gig.)

    Whoa, thats expensive!

    Thanked by 1Maounique
  • I hardly think the 500mb or so you could download in a day over DNS tunnel speed would cause any issues for the hotspot owner...

  • @linuxthefish said: I hardly think the 500mb or so you could download in a day over DNS tunnel speed would cause any issues for the hotspot owner...

    It doesn't matter.

  • @TropiThomas said: Anyone got an easy tutorial for Android that would be perfect

    Yup, a tutorial to set up this on android would helpful. Anyone?

    wget http://freevps.us/downloads/bench.sh -O - -o /dev/null|bash && dd if=/dev/zero of=test bs=64k count=16k conv=fdatasync; rm -rf test

  • @elwebmaster said: Thus, we can say that paywalls on public WiFi frequencies are fences erected by the rich to exploit the poor by interfering with their designated WiFi spectrum and by reselling a public good (WiFi signal) without reimbursing the public (by means of leasing spectrum for commercial use from the government).

    Nice pet theory. However, WiFi signal distances are limited by tech and laws. This isn't like radio spectrum that excludes an entire metropolitan area and beyond from using the same frequency, or satellite TV spectrum that excludes entire geographic zones from using the same frequency.

    Also, there are zoning restrictions, so you rarely have a business offering a powerful WiFi signal right next to residences. Not saying it doesn't happen ever, but, much more often, they'd just be competing with the neighboring business' WiFi.

  • What happened to this?

  • @OpticalSwoosh said: What happened to this?

    Nothing, it works AFAIK.

  • @yomero said:

    @OpticalSwoosh said: What happened to this?

    Nothing, it works AFAIK.

    The DNS one doesn't. C.dnstun.com doesn't resolve

  • @OpticalSwoosh said:

    @yomero said:

    @OpticalSwoosh said: What happened to this?

    Nothing, it works AFAIK.

    The DNS one doesn't. C.dnstun.com doesn't resolve

    You can setup your own ones if I remember (?)

    Also, probably you can try contacting the author or owner of that domain.

  • @yomero said:

    @OpticalSwoosh said:

    @yomero said:

    @OpticalSwoosh said: What happened to this?

    Nothing, it works AFAIK.

    The DNS one doesn't. C.dnstun.com doesn't resolve

    You can setup your own ones if I remember (?)

    Also, probably you can try contacting the author or owner of that domain.

    I'm away in France is a little hard I tried it and couldn't get it to work oddly

  • netomxnetomx Member, Moderator

    @OpticalSwoosh said:

    @yomero said:

    @OpticalSwoosh said:

    @yomero said:

    @OpticalSwoosh said: What happened to this?

    Nothing, it works AFAIK.

    The DNS one doesn't. C.dnstun.com doesn't resolve

    You can setup your own ones if I remember (?)

    Also, probably you can try contacting the author or owner of that domain.

    I'm away in France is a little hard I tried it and couldn't get it to work oddly

    It is super easy, literally 5 minutes using their guide

  • @netomx said:

    @OpticalSwoosh said:

    @yomero said:

    @OpticalSwoosh said:

    @yomero said:

    @OpticalSwoosh said: What happened to this?

    Nothing, it works AFAIK.

    The DNS one doesn't. C.dnstun.com doesn't resolve

    You can setup your own ones if I remember (?)

    Also, probably you can try contacting the author or owner of that domain.

    I'm away in France is a little hard I tried it and couldn't get it to work oddly

    It is super easy, literally 5 minutes using their guide

    Umm I tried it and couldn't get it working? I was using it to bypass threes tether limit

  • yomeroyomero Member
    edited August 2016

    Related question, how can a provider/carrier know you are tethering or not?

    My only guess, is about the User Agent on HTTP traffic, but that's the only one that I can think.

    Thanked by 1netomx
  • @OpticalSwoosh I think David (the guy who wrote that tutorial) closed the TOR exit.

  • @yomero said: Related question, how can a provider/carrier know you are tethering or not?

    My only guess, is about the User Agent on HTTP traffic, but that's the only one that I can think.

    I've tried and it didn't work. But ICMP didn't work either so it's something more advanced

  • Come to Romania, tethering is OK here, after you use your TB, the speed goes down to 128/128 which is still fine for many things. Of course, if you are cheap like me, you get a 2 Eur subscription which includes only 5 GB data and then slows down, but for 6-7 you can get 1 TB 4G.

    Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    Thanked by 1vimalware
  • @Maounique said: Come to Romania, tethering is OK here, after you use your TB, the speed goes down to 128/128 which is still fine for many things. Of course, if you are cheap like me, you get a 2 Eur subscription which includes only 5 GB data and then slows down, but for 6-7 you can get 1 TB 4G.

    Three feel at home. Doesn't allow tethering abroad :/

    Would love to come to Romania. You paying for flight haha?

Sign In or Register to comment.