DNS Tunneling – Updated Source

Alright, so as I’ve been asked for the source of my changed Ozyman DNS source, I have now uploaded it. However, WordPress does not allow me to upload .zip files, so I changed the extension to pdf, even though it’s a zip file. Rename the file before extracting it.

However, let me get a couple of things clear before you use it:

  • It’s a development version and as such not destined for “production” use
  • You should have some Perl knowledge to use it
  • I will not support the code
  • There will be problems if you have multiple DNS servers and some of them support larger packet sizes than others
  • Don’t forget to change Net::DNS::RR::new_from_hash so that it does not remove trailing dots from the packet’s content (yes, I know it would be better to change the code in a way

OK, now that this is clear, I’d like to ask your help. My problem is, I’m not too good with Perl. I ran some tests with Devel::DProf (the Perl profiler) and here are the results:

Total Elapsed Time = 90.94859 Seconds
User+System Time = 57.02859 Seconds
Exclusive Times
%Time ExclSec CumulS #Calls sec/call Csec/c  Name
94.5   53.91 53.976    651   0.0828 0.0829  IO::Select::can_read
1.14   0.648  0.647    582   0.0011 0.0011  Thread::Queue::dequeue_nb
0.76   0.432  0.432  13868   0.0000 0.0000  Net::DNS::presentation2wire
0.67   0.382  1.371    639   0.0006 0.0021  main::reply_handler
0.27   0.152  3.271    639   0.0002 0.0051  Net::DNS::Nameserver::udp_connection
0.26   0.147  0.147  16596   0.0000 0.0000  Net::DNS::Header::AUTOLOAD
0.25   0.145 57.400    651   0.0002 0.0882  Net::DNS::Nameserver::loop_once
0.25   0.140  0.140      1   0.1400 0.1400  threads::create
0.24   0.138  1.870    639   0.0002 0.0029  Net::DNS::Nameserver::make_reply
0.17   0.096  0.154   2553   0.0000 0.0001  Net::DNS::Packet::push
0.14   0.079  0.079    638   0.0001 0.0001  Net::DNS::Header::string
0.13   0.075  0.553   1240   0.0001 0.0004  Net::DNS::RR::data
0.12   0.069  0.069    639   0.0001 0.0001  Net::DNS::typesbyval
0.10   0.059  0.059    639   0.0001 0.0001  IO::Select::handles
0.10   0.059  0.059    639   0.0001 0.0001  Net::DNS::Header::parse

So the program spends almost 95% of its system time inside IO::Select::can_read (called by Net::DNS). I have no idea why this takes so long. I think the main speed problem is Net::DNS (even the homepage says that it’s slow). As it seems that the only problem is this single call (for DNS tunneling at least), does anyone know how to make this faster? Alternatively, it might be a good idea to implement the server in C (iodine does this; it’s way faster if you’re interested, however, it does not work in some cases).


5 Responses to “DNS Tunneling – Updated Source”

  1. Speeding up DNS Tunneling « Cyberphobia Says:

    […] [Update: I’ve uploaded the source in the mean time and wrote about it here]  […]

  2. fryxar Says:

    Hi! I have not tested it yet, but does this tool support DNS tunneling in an intranet that uses DNS forwarding servers as resolvers? Or must you have direct connectivity to your “magic” DNS server? Thanks!

  3. cyberphob1a Says:

    No, that’s the whole point of DNS tunneling. Access to any DNS server that does recursive lookups is enough.

  4. unxed Says:

    Hardcoding the $timeout to “0.1” in the beginning of loop_once cycle in DNS::Nameserver helped me to increase connection speed twice.

    Also you may try to replace can_read calls used to timeout connections in NET::DNS::Nameserver to something like this:

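    eval {
        # The ALRM handler raises an exception that aborts the blocking call
        local $SIG{ALRM} = sub { die "Timed Out" };
        alarm 1;
        ### IO function call goes here
        alarm 0;
    };
    # Re-throw any error that is not our own timeout
    if ($@ and $@ !~ /Timed Out/) {
        die;
    }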

    This should give a 1 second timeout on the function call.

    PS: You may also try to look through this article:
    http://www.perlmonks.org/index.pl?node_id=193076

  5. Chita » Túneis: Burlando (praticamente) qualquer tipo de restrição a internet Says:

    […] several implementations of TCP over DNS, the most famous being: Ozymandns (with a fork here), NSTX, among others. I played around with them a bit, and the one that gave the best results was […]
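
IO::Select::can_read is the call in which a select()-based server loop waits for the next packet, and its timeout argument is the value the $timeout change in comment 4 adjusts. The script below is an added example, not code from the post, the commenters or OzymanDNS; it times can_read on an idle and on a ready loopback UDP socket for two timeout values, and the socket setup and the datagram are constructed for the test.

```perl
#!/usr/bin/perl
# Added example: measure how long IO::Select::can_read takes when the socket
# is idle versus when a datagram is already queued.
use strict;
use warnings;
use IO::Select;
use IO::Socket::INET;
use Time::HiRes ();

# Loopback UDP "server" on an OS-assigned port (constructed test setup).
my $server = IO::Socket::INET->new(
    LocalAddr => '127.0.0.1',
    LocalPort => 0,
    Proto     => 'udp',
) or die "bind failed: $!";

my $client = IO::Socket::INET->new(
    PeerAddr => '127.0.0.1',
    PeerPort => $server->sockport,
    Proto    => 'udp',
) or die "connect failed: $!";

my $sel = IO::Select->new($server);

# Return (seconds spent inside can_read, number of ready handles).
sub timed_can_read {
    my ($timeout) = @_;
    my $t0    = Time::HiRes::time();
    my @ready = $sel->can_read($timeout);
    return (Time::HiRes::time() - $t0, scalar @ready);
}

for my $timeout (1.0, 0.1) {
    # Idle socket: can_read waits in select() for the whole timeout.
    my ($idle, $n_idle) = timed_can_read($timeout);

    # Datagram already queued: can_read returns almost immediately.
    $client->send('constructed test datagram') or die "send failed: $!";
    my ($busy, $n_busy) = timed_can_read($timeout);

    my $buf;
    $server->recv($buf, 512);    # drain so the next round starts idle

    printf "timeout=%.1fs  idle: %.3fs (%d ready)  queued: %.6fs (%d ready)\n",
        $timeout, $idle, $n_idle, $busy, $n_busy;
}
```

On an idle socket the time inside can_read tracks the timeout value, while a queued datagram makes it return at once regardless of the timeout.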
