RE: broken DNS proxying at public wireless hotspots

> If so, how do you configure your client operating system of choice to
> use the novel, un-proxied ports instead of using port 53?

* Set up the profile, to your house/work/etc., of your favorite SSH
client to forward port 53 local to port 53 on your remote machine.
* Make sure your SSH profile connects to your house/work/etc. via IP, not
name.
* Make sure there is some sort of DNS server running on the target of
your SSH session.
* Make sure your SSH server supports forwarded ports.
* Connect to your house/work/etc.
* Repoint your local DNS client config to 127.0.0.1.
* Browse at will.
* (Don't forget to undo this later or risk losing your sanity....)

The same type of config works great for HTTP (with Squid and browser proxy
settings), etc.

> > If so, how do you configure your client operating system of choice to
> > use the novel, un-proxied ports instead of using port 53?
>
> * Set up the profile, to your house/work/etc, of your favorite SSH
> client to forward port 53 local to port 53 on your remote machine.
>
> <snip>
>
> Same type of config works great for HTTP (with squid, and browser proxy
> settings) etc..

The flaw here is that DNS operates over 53 (UDP); last time I checked, SSH
doesn't do UDP port forwarding?

Cheers,
Trent

In the interests of dispelling a common myth, DNS operates over both 53/udp and 53/tcp. However, given that a substantial portion of most clients' queries will likely use UDP transport, your fundamental point stands.

Joe
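For anyone trying Donn's recipe with Trent's and Joe's objection in mind, here is an added example (not code from any message in this thread) that builds one DNS query in the bare form a stub resolver puts in a UDP datagram and in the length-prefixed form DNS uses over TCP, which is the only form an `ssh -L 53:127.0.0.1:53` forward can carry. It assumes the forwarded port sits on 127.0.0.1:53; the names and addresses used are constructed for illustration, and nothing here would catch the UDP packets a resolver repointed at 127.0.0.1 actually sends.

```python
import socket
import struct

def build_query(name, txid=0x1234, qtype=1):
    """RFC 1035 query: header (RD set, one question), QNAME labels, QTYPE, QCLASS=IN."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def tcp_frame(msg):
    """UDP sends the message bare; TCP carries it behind a 16-bit big-endian length."""
    return struct.pack("!H", len(msg)) + msg

def tcp_unframe(stream):
    """Inverse of tcp_frame; rejects a message the stream cut short."""
    length = struct.unpack("!H", stream[:2])[0] if len(stream) >= 2 else 1
    if len(stream) < 2 + length:
        raise ValueError("truncated DNS/TCP message")
    return stream[2:2 + length]

def skip_name(msg, off):
    """Advance past a name; a 2-byte compression pointer (0xC0..) ends it early."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += msg[off] + 1
    return off + (2 if msg[off] & 0xC0 == 0xC0 else 1)

def parse_a_records(msg, expect_txid):
    """IPv4 answers from a response; reject wrong txid, non-responses and error rcodes."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expect_txid or not flags & 0x8000 or flags & 0x000F:
        raise ValueError("not a clean response to our query (flags 0x%04x)" % flags)
    off, addrs = 12, []
    for _ in range(qd):
        off = skip_name(msg, off) + 4                     # QTYPE + QCLASS
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs

def query_over_tcp(name, server=("127.0.0.1", 53), txid=0x1234):
    """One query through a local TCP port, e.g. the one `ssh -L 53:127.0.0.1:53` forwards."""
    with socket.create_connection(server, timeout=5) as s, s.makefile("rb") as f:
        s.sendall(tcp_frame(build_query(name, txid)))
        head = f.read(2)                                  # length prefix first
        body = f.read(struct.unpack("!H", head)[0]) if len(head) == 2 else b""
    return parse_a_records(tcp_unframe(head + body), txid)
```

Binding the local end of the forward to port 53 needs root on most systems; a high port such as 5353, passed as server=("127.0.0.1", 5353), works without it.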

Trent Lloyd wrote:

Hi Joe,

http://www.isc.org/index.pl?/sources/network/utils/ien116.php

This shows how to implement the good old IEN 116 nameserver and how
to query it. It runs from inetd. No need to have it waste
memory and CPU all the time.

Run an IEN 116 nameserver at home and query it using your
laptop. Next, maintain your /etc/hosts.

I hope your laptop reads /etc/hosts or the Windows hosts file
before querying DNS. Mine do.

Except for the Mac, there is no way short of a firewall to
convince your laptop to use a port other than 53 for DNS.

But why not run your personal DNS server, BIND or djbdns?
They both can use ports other than 53.

Kind regards
Peter and Karin

Lasher, Donn wrote:

Once upon a time, Trent Lloyd <lathiat@bur.st> said:

> The flaw here is that DNS operates over 53 (UDP); last time I checked, SSH
> doesn't do UDP port forwarding?

It doesn't forward UDP ports, but you can set up a full IP tunnel with
it now.

Once upon a time, Chris Adams <cmadams@hiwaay.net> said:

> Once upon a time, Trent Lloyd <lathiat@bur.st> said:
> > The flaw here is that DNS operates over 53 (UDP); last time I checked, SSH
> > doesn't do UDP port forwarding?
>
> It doesn't forward UDP ports, but you can set up a full IP tunnel with
> it now.

Sorry to follow up to my own message, but by "it" I mean OpenSSH. You
do have to be running *BSD or Linux on both ends to do this.