Created the Tuesday 23 April 2019. Updated 3 years, 7 months ago.
DNS Tunneling is a method that encodes the data of other programs or protocols in DNS queries and responses. DNS tunneling often includes data payloads that can be added to an attacked DNS server and used to control a remote server and applications.
Typically, DNS tunneling requires the compromised system to have external network connectivity, as DNS tunneling requires access to an internal DNS server with network access. Attackers must also control a domain and a server that can act as an authoritative server in order to execute the server-side tunneling and data payload executable programs.