Dns2TCP Service Detection

info Nessus Network Monitor Plugin ID 4657

Synopsis

The remote service supports the DNS-to-TCP protocol.

Description

The remote service supports the DNS-to-TCP protocol. This protocol hides network traffic protocols by embedding the traffic within seemingly innocuous DNS queries. This service can be used to bypass firewalls or proxies by obfuscating the true protocol within the DNS protocol.

Solution

Ensure that such services are allowed according to network policies and guidelines. Limit incoming traffic to this port if desired.

See Also

http://www.hsc.fr/ressources/outils/dns2tcp/index.html.en

Plugin Details

Severity: Info

ID: 4657

Family: Backdoors

Published: 9/15/2008

Updated: 6/1/2015