T-DNS: DNS over TCP and TLS


  • The Domain Name System (DNS) is vulnerable to attacks that can compromise privacy and result in denial-of-service.

  • This application demonstrates a version of DNS that combines TCP and TLS to address some of the problems that come with UDP, the transport protocol that DNS currently uses.

  • The application consists of a client proxy and a server proxy. Each proxy handles requests and responses locally over UDP, while the two proxies communicate with each other via T-DNS for enhanced security.

  • For purposes of demonstration, we have set up the server proxy on a remote host, and you will send it a DNS request.

  • You will be provided a terminal emulation client where you can start the client proxy and ping external servers whose DNS names will need to be resolved using the server proxy.

  • The connection between the client and server proxy can be monitored to confirm that the communication is indeed using TCP.

  • Please note that this demonstration is based on our interpretation of a small piece of this research project. It is not intended as a complete representation of the authors' research.

  • This demonstration is based on work that was presented at the 36th IEEE Symposium on Security and Privacy. To learn more, visit the authors' webpage.

  • Ready to go? Try It!
  • Note: You will have around 20 minutes to test this application.
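
A client proxy like the one described above has to move each local UDP datagram onto a byte stream, where message boundaries are no longer preserved. As an added example (not the demo's or the authors' code), the Python below shows the standard DNS-over-TCP framing with a two-byte length prefix and reassembly from partial reads; the TLS layer is left out, and the names `build_query`, `frame` and `Deframer` are hypothetical.

```python
import struct

def build_query(name, txid, qtype=1):
    """Build a minimal DNS query: one question, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS = IN

def frame(msg):
    """UDP datagram -> stream message: 2-byte big-endian length, then the message."""
    if len(msg) > 0xFFFF:
        raise ValueError("DNS message too large for TCP framing")
    return struct.pack("!H", len(msg)) + msg

class Deframer:
    """Reassemble DNS messages from arbitrary TCP (or TLS) read chunks."""
    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk):
        """Add received bytes; return every complete message now available."""
        self._buf += chunk
        out = []
        while len(self._buf) >= 2:
            (n,) = struct.unpack_from("!H", self._buf)
            if len(self._buf) < 2 + n:
                break  # message body not fully received yet
            out.append(bytes(self._buf[2:2 + n]))
            del self._buf[:2 + n]
        return out

def demo():
    # Constructed sample: two queries sent back to back on one connection,
    # delivered to the receiver in 7-byte pieces as a stream socket might.
    stream = frame(build_query("example.com", 0x1111)) + \
             frame(build_query("example.org", 0x2222))
    d = Deframer()
    msgs = []
    for i in range(0, len(stream), 7):
        msgs += d.feed(stream[i:i + 7])
    return [struct.unpack_from("!H", m)[0] for m in msgs]  # transaction IDs

if __name__ == "__main__":
    print([hex(t) for t in demo()])
```

The length prefix is what you would see ahead of each DNS message when monitoring the proxy-to-proxy connection without TLS; with TLS enabled, the same framed bytes travel inside the encrypted records.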