[BuildTheRobots]

For another fantastic abuse of DNS, the Iodine* project uses DNS to tunnel IP which is just obscene.

http://code.kryo.se/iodine/

(Why? Lots of captive portal wifi hotspots (think hotel/train etc) seem to allow DNS resolutions before stopping your other traffic.)

* DNS uses port 53 which is the same as the atomic number for Iodine ;)

[galvan]

Ah, iodine. I've used it in airports, hotels, cafes - it's great. The only drawback is that it's slower than dialup and latency is off the charts. But when you're stuck on a cruise ship and internet access is $8 a minute, being able to ssh somewhere and browse the web and check your mail very slowly through links is worth it.

[batbomb]

I usually just spoof mac addresses of people who already paid in most of those cases, the caveat usually being somebody had to pay.

[Steuard]

I hope you're not still talking cruise ships here! Those folks are often paying high prices by the minute or by the megabyte for access: you'd be pretty literally stealing from your neighbors in that situation. (The moral issue for pay-by-the-day systems is one step further removed, but I think it's still real.)

[jrockway]

802.1x covers access control to networks. MAC addresses are not for access control.

Not that a court would agree with my logic, of course.

[WiseWeasel]

Yeah, you might have a tough time explaining to the judge that Media Access Control addresses are not for access control.

[AnthonyMouse]

In this context "access control" doesn't mean what you think it does. It refers to multiplexing the communications of multiple devices over a single shared communications medium, as in "controlling" (arbitrating) shared access to the radio spectrum. It has no relationship to network authorization or authentication and provides no security whatsoever.

http://en.wikipedia.org/wiki/Channel_access_method

Calling it "access control" has always been confusing which is why people started calling it Machine Address Code or Ethernet Hardware Address instead.

[annnnd]

Doesn't really matter - it might (!) be legal, but it is immoral (if they really are paying by MB).

[brianpgordon]

I was staying at a Hilton (Omaha, NE) last night and their captive portal scared me off by putting the MAC address, IP address, and user agent in the query string, plus network stuff like the VLAN id and the MAC address of some piece of network gear that's servicing you. It seemed like they had a pretty complex system to deter abuse.

Of course, I just tethered my phone and got way better service than their crappy $10/day wifi.

[UVB-76]

If those people have a download limit that's rather unscrupulous.

[xymostech]

Woah, awesome. I've used the http://dnstunnel.de/ tunneling scripts before, and they're a bit of a pain to setup (mostly because of the perl library requirements).

[sajal83]

I remember using these scripts years ago when wifi hotspots used to charge obscene amounts of money...

[milkshakes]

malware authors have been using this technique for some time: http://www.cs.berkeley.edu/~mobin/publications/2013/DNS_USEN...

[click170]

How to start protecting yourself against this.

http://www.neustar.biz/blog/how-to-identify-prevent-dns-tunn...