Hacker News new | past | comments | ask | show | jobs | submit login

DNS tunneling is only good in theory. Ah, good old days. There was time (2003?) when I had a T-Mobile phone with GPRS and an IR port. I connected it to my laptop and discovered DNS lookups worked. Downloaded DNS tunnel sources, compiled and tried. It was not usable, way way too slow. The latency of the DNS server was the main issue. Besides, the tool was very crash prone. More of a proof of concept than real thing. I spent a few hours reading code and fixing bugs just to get it to the point where it somewhat worked. The DNS traffic used by the tunnel is quite easy to identify and probably filter out (the names looked up follow a specific pattern).

So, there was no need for ISP to get worried. Given how slow access would be and the skill level required to get it to work, it is thousand times cheaper to ignore the "security hole".

The Google app engine proxy looks more "useful".




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: