success 66523 nsrx 2008-12-18T23:29:58Z 2008-12-18T23:29:59Z This is a proof-of-concept implementation of Dan Kaminsky's so-called "DNS source routing" hack. WHAT IT DOES: establish inbound IP traffic to a host inside a private network, with no public IP address nor DNAT setup. HOW IT WORKS: the private network's local dns resolver is fooled into relaying trafic back in forth. REQUIREMENTS:     - The target network must host a local dns resolver     - The dns resolver must be able to establish UDP/53 connections towards the target     - The attacker must have authority on a zone somewhere in the DNS hierarchy     - The attacker must trigger an initial DNS request for the zone he controls from inside the target network (there are many ways to do so) More in-depth documentation will be included, as the available documentation is scarse to say the least. http://code.google.com/p/nsrx nsrx 0 0 bsd BSD Copyright