Posts Tagged ‘Perl’

DNS Tunneling – Updated Source

March 8, 2008

Alright, so as I’ve been asked for the source of my changed Ozyman DNS source, I have now uploaded it. However WordPress does not allow me to upload .zip files, so I changed the extension to pdf, even though it’s a zip file. Rename the file before extracting it.

However, let me get a couple of things clear before you use it:

  • It’s a development version and as such not destined for “production” use
  • You should have some Perl knowledge to use it
  • I will not support the code
  • There will be problems if you have multiple DNS servers and some of them support larger packet sizes than others
  • Don’t forget to change Net::DNS::RR::new_from_hash so that it does not remove tailing dots from the packet’s content (yes, I know it would be better to change the code in a way

OK, now that this is clear, I’d like to ask your help. My problem is, I’m not too good with Perl. I ran some tests with Devel::DProf (the Perl profiler) and here are the results:

Total Elapsed Time = 90.94859 Seconds
User+System Time = 57.02859 Seconds
Exclusive Times
%Time ExclSec CumulS #Calls sec/call Csec/c  Name
94.5   53.91 53.976    651   0.0828 0.0829  IO::Select::can_read
1.14   0.648  0.647    582   0.0011 0.0011  Thread::Queue::dequeue_nb
0.76   0.432  0.432  13868   0.0000 0.0000  Net::DNS::presentation2wire
0.67   0.382  1.371    639   0.0006 0.0021  main::reply_handler
0.27   0.152  3.271    639   0.0002 0.0051  Net::DNS::Nameserver::udp_connection
0.26   0.147  0.147  16596   0.0000 0.0000  Net::DNS::Header::AUTOLOAD
0.25   0.145 57.400    651   0.0002 0.0882  Net::DNS::Nameserver::loop_once
0.25   0.140  0.140      1   0.1400 0.1400  threads::create
0.24   0.138  1.870    639   0.0002 0.0029  Net::DNS::Nameserver::make_reply
0.17   0.096  0.154   2553   0.0000 0.0001  Net::DNS::Packet::push
0.14   0.079  0.079    638   0.0001 0.0001  Net::DNS::Header::string
0.13   0.075  0.553   1240   0.0001 0.0004  Net::DNS::RR::data
0.12   0.069  0.069    639   0.0001 0.0001  Net::DNS::typesbyval
0.10   0.059  0.059    639   0.0001 0.0001  IO::Select::handles
0.10   0.059  0.059    639   0.0001 0.0001  Net::DNS::Header::parse

So the program spends almost 95% of it’s system time inside IO::Select::can_read (called by Net::DNS). I have no idea why this takes so long. I think the main speed problem is Net::DNS (even the homepage says that it’s slow). As it seems that the only problem is this single call (for DNS tunneling at least), maybe does anyone know how to make this faster? Alternatively it might be a good idea to implement the server in C (iodine does this; it’s way faster if you’re interested, however does not work in some cases).

Picture of Harley by ZakQ100

Tags:, , , , , , , , ,
Posted in Security | 5 Comments »