DNSCHAT-2 - Proof of Concept
===============================

(http://projects.bentasker.co.uk/jira_projects/browse/DNSCHAT-2.html)

Dependencies
--------------

- GnuPG
- Python-Gnupg
- Scapy (Debian package name - python-scapy)

Protocol Changes
------------------

A base protocol was laid out in DNSCHAT-1 and has largely been adhered to. The query name structure has been altered slightly, however, and now takes the format

    {Sn}.{Sid}.{N}.{TN}.{msgstring}.endpointDomain

Where

- Sn = Sender ID - an arbitrary numerical figure used to identify the user (can be set manually, otherwise changes between sessions)
- Sid = Sequence ID - a numerical identifier for the current sequence of messages, increases incrementally
- N = Sequence Number - used to identify message ordering within each despatch of messages
- TN = Total number of messages in the current despatch
- msgstring = hex encoded ciphertext

Usage
-------

Usage is fairly simple, with support for the following command line arguments

    -h/--help          Print this text
    -r/--resolver=     DNS Resolver to use (e.g. --resolver=8.8.8.8)
    -c/--char-limit=   The maximum number of characters to use per query (default 63 - max is also 63)
    -i/--id=           Numeric ID to use
    -d/--domain=       The domain to query (e.g. --domain=example.com)
    -v/--debug         Use debug mode

Any required value which is not provided on the command line will be prompted for. The user is prompted for a passphrase to be used with the symmetric encryption.
Ctrl-C exits the program.

Known Limitations
-------------------

The PoC does have a number of limitations, though most are solely the result of trying to avoid creating a finished product

- The interface is incredibly basic (did briefly test an Urwid based interface)
- The traffic is likely identifiable - for simplicity's sake some of the patterns used are very simplistic
- Error trapping is a little casual

There's no intention to 'finish' the system, but if there were, the following improvements would likely be looked at

- Switching to using PKI instead of symmetric keys
- Introducing a delay between DNS requests
- Making the queries less identifiable
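The query name structure above, together with the admission that the traffic is likely identifiable, is enough for a defender to recognise it in DNS query logs. The following is an added example (not part of the DNSCHAT-2 code) that parses query names against the {Sn}.{Sid}.{N}.{TN}.{msgstring}.endpointDomain shape, flags matching queries, and reassembles each complete despatch's hex chunks for forensic review. The sample query names are constructed, the endpoint domain is assumed to have at least two labels, and the check that N does not exceed TN is deliberately lenient because the page does not say whether N is 0- or 1-based.

```python
import re
from collections import defaultdict

# Constructed sample query names (not captured traffic). The first three follow the
# DNSCHAT-2 shape {Sn}.{Sid}.{N}.{TN}.{msgstring}.endpointDomain; the rest are benign.
SAMPLE_QUERIES = [
    "4821.3.1.2.8c0d1e2f3a4b5c6d7e8f.example.com",
    "4821.3.2.2.0a1b2c3d.example.com",
    "4821.4.1.1.deadbeef.example.com",
    "www.example.com",
    "1.2.3.4.in-addr.arpa",  # numeric labels but no hex payload label
]
HEX_LABEL = re.compile(r"^[0-9a-f]+$")

def parse_dnschat_query(qname, endpoint_domain=None):
    """Return the protocol fields if qname has the DNSCHAT-2 shape, else None.
    With endpoint_domain set only queries under that domain count; otherwise
    everything after the fifth label is treated as the endpoint domain (assumption)."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) < 7:  # five protocol labels plus at least a two-label domain
        return None
    sn, sid, n, tn, msg = labels[:5]
    domain = ".".join(labels[5:])
    if endpoint_domain and domain != endpoint_domain.rstrip(".").lower():
        return None
    if not all(x.isdigit() for x in (sn, sid, n, tn)):
        return None
    # msgstring is hex-encoded ciphertext: a DNS label holds at most 63 octets
    # (also the PoC's --char-limit ceiling) and hex comes in byte pairs.
    if not HEX_LABEL.match(msg) or len(msg) > 63 or len(msg) % 2:
        return None
    if int(n) > int(tn):  # lenient: the page does not say whether N is 0- or 1-based
        return None
    return {"sender": int(sn), "sequence": int(sid), "number": int(n),
            "total": int(tn), "hex": msg, "domain": domain}

def flag_dnschat_queries(qnames, endpoint_domain=None):
    """Detection pass: (qname, fields) for every query matching the shape."""
    return [(q, f) for q in qnames
            if (f := parse_dnschat_query(q, endpoint_domain)) is not None]

def reassemble_despatches(hits):
    """Forensic helper: join the hex chunks of each complete despatch (keyed by
    sender and sequence id) in N order. The result is still GnuPG ciphertext."""
    groups = defaultdict(dict)
    for _, f in hits:
        groups[(f["sender"], f["sequence"])][f["number"]] = (f["total"], f["hex"])
    return {key: bytes.fromhex("".join(c[k][1] for k in sorted(c)))
            for key, c in groups.items() if len(c) == next(iter(c.values()))[0]}
```

Run over real resolver logs, the same shape check is what a "less identifiable" query format (the last improvement listed above) would have to defeat.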