How to use Appdome "Permit DNS over TCP"

Learn how to prevent man-in-the-middle attacks (MiTM) using Appdome. This Knowledge Base article explains how to implement the Appdome Trusted Session feature to prevent mobile Man-in-the-middle attacks. The article also explains how Appdome’s “Permit DNS over TCP” setting works when you implement Appdome Trusted Session.

What is Appdome?

Appdome is a mobile integration platform as a service (iPaaS) that enables anybody to add a wide variety of features, SDKs, and APIs to Android and iOS applications. Using a simple ‘click to add’ user interface, Appdome enables anyone to easily implement mobile app security in any iOS or Android app – instantly, no code or coding required.

Using Appdome, there are no development or coding prerequisites. For example, there is no Appdome SDK, libraries, or plug-ins to implement Trusted Session to prevent MitM attacks.  Trusted Session can be added to any iOS or Android app in seconds, with no code or coding.

Prevent Man-In-The-Middle Attacks With Trusted Session

You can implement Appdome Trusted Session to prevent man-in-the-middle attacks and other forms of session hijacking.  Appdome also protects any app from malicious proxies, modified or untrusted Certificates, and Stale Session renewal.

Appdome Trusted Session validates the authenticity of communication sessions initiated by the app or the server. This includes actively validating TLS/SSL certificates, CAs, session state to prevent any unauthorized modifications.

When implemented in a mobile app, Appdome Trusted Session technology prevents hackers from gaining control over the session before the TLS handshake completes.   When the application starts the SSL Handshake with the server, Appdome’s Trusted Session technology inspects the traffic for anything that looks suspicious. When triggered, the Trusted Session will automatically notify the user of the compromise and drop the connection.

The message displayed to the user can be customized.

Appdome Trusted Session feature

When you build your app with Trusted Session, you can enable any number of additional Session Controls, as seen below.

When you build your app with Appdome Trusted Session enabled, you can also enable one or more “Session Control” options, including “Permit DNS over TCP”.   Building your application with Permit DNS over TCP allows DNS requests over TCP to pass undisrupted. 

Prerequisites for using “Permit DNS over TCP” feature in Appdome Trusted Session

How to Add Trusted Session and “Permit DNS over TCP” to Any Mobile App  

Follow these step-by-step instructions to enable Appdome Trusted Session and Permit DNS over TCP to a mobile app.

Upload a Mobile Application to Your Account

Please follow these steps to add a mobile application to your Appdome account.
If you don’t have an Appdome account, click here to create an account.

From the “Build” tab, go to the Security menu

  • Click  Secure Communications to expend the bundle.
  • Click on the toggle to enable Trusted Session.
  • Expand the sub-bundle Session Control.
    • (optional) Use Permit DNS over TCP  to allow DNS requests over TCP to pass undisrupted (as explained above)
  • Click Build My App

 

appdome permit dns over tcp option

The technology behind Build My App has two major elements – (1) a micro-service architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the application to the relevant code-sets needed to add the requested service to the mobile application in seconds.

Congratulations! When your integration is complete, you will see the notice below. You now have a mobile app fully integrated with Trusted Session.
Appdome Fusion Success Notification

What to do After I Build My App?

That is it – You now have a new app built with Appdome’s Trusted Session and “Permit DNS over TCP”.

After you have added Secure Communication to any mobile application on Appdome, there are a few additional steps needed to complete your project.

How Do I Learn More?

Check out the Appdome Trusted Session KB for more detail on Trusted Session and other optional features available.

To zoom out on this topic, visit Appdome for Mobile App Security on our website or request a demo at any time.

If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Alan Bavosa

Have a question?

Ask an expert

AviMaking your security project a success!