Skip to content

Instantly share code, notes, and snippets.

@nukeador

nukeador/DNS tunneling with iodine.md

Last active October 28, 2024 11:53
Show Gist options
  • Save nukeador/7483958 to your computer and use it in GitHub Desktop.
Save nukeador/7483958 to your computer and use it in GitHub Desktop.
Download ZIP
How to install and use iodine for DNS tunneling.
Raw
DNS tunneling with iodine.md

This guide provides detailed steps for setting up DNS records, configuring a DNS tunneling server and client, and setting up a browser for secure proxy connections.

Why iodine?

  • Bypassing Network Restrictions: iodine excels in environments with strict network restrictions. It utilizes DNS queries, which are typically allowed through firewalls, to tunnel data where traditional methods like VPNs might be blocked.
  • Efficient for Limited Bandwidth: Ideal for situations with bandwidth limitations, iodine requires less bandwidth compared to standard VPNs, making it a practical choice for networks with restricted data flow.
  • Customizability and Open Source: As an open-source tool, iodine offers extensive customization options. Users with specific technical needs or those interested in a hands-on approach to network tunneling can tailor iodine to their requirements.

Prerequisites

  • A domain (e.g., mydomain.com)
  • Access to the domain's DNS settings
  • A server with root access
  • A Linux client machine
  • Basic understanding of DNS records and SSH

Domain Configuration

Steps:

  1. Add DNS Records:

    • Navigate to your domain's DNS settings.

    • Add the following records:

      t1              IN      NS      t1ns.mydomain.com.  # Note the final dot
t1ns            IN      A       YOUR_SERVER_IP

    • t1 is a subdomain used for the DNS tunneling service.

    • t1ns points to the IP address of your server (YOUR_SERVER_IP).

Best Practices:

  • Use of CNAME Records: For aliases or subdomains that point to the same server, consider using CNAME records for easier management.
  • Security: Ensure all records are correctly configured to prevent DNS spoofing or hijacking.

Server Setup

Steps:

  1. Install iodine:

    • Connect to your server via SSH.

    • Install the iodine package:

      sudo apt install iodine

  2. Configure and Run iodine:

    • Start the iodine server with a secure password and an appropriate IP range:

      sudo iodined -f -c -P YOUR_PASSWORD 10.0.1.1 t1.mydomain.com &

    • Replace YOUR_PASSWORD with a strong password.

    • 10.0.1.1 is the IP range for the DNS tunnel.

Best Practices:

  • Security: Use a strong, unique password for iodine.
  • Logging: Enable logging for iodine to monitor connections and troubleshoot issues.

Linux Client Configuration

Steps:

  1. Install iodine:

    • On your Linux client, install iodine:

      sudo apt install iodine

  2. Establish a Connection:

    • Connect to the iodine server:

      sudo iodine -f -P YOUR_PASSWORD t1.mydomain.com &

    • Forward port 9999 via SSH for a proxy connection:

      ssh [email protected] -D 9999

Best Practices:

  • Network Security: Ensure your client's network is secure when establishing the tunnel.
  • Password Protection: Use the same strong password as set on the server.

Browser Configuration

Steps:

  1. Set Up Proxy:
    • Configure your browser to use a SOCKS5 proxy.
    • Set the proxy address to localhost and the port to 9999.

Best Practices:

  • Proxy Verification: Verify the proxy settings to ensure traffic is correctly routed through the tunnel.
  • Regular Updates: Keep your browser updated to the latest version for security and compatibility.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment