Dsniff certainly does have some useful party tricks for making the point to clients who don't quite get the importance of network security.
Sometimes I miss being a network/systems consultant. -Alex Alex Whittemore wrote:
Arpspoof, eh? I bet you've got a firefox window open right now displaying exactly what I'm looking at, real time, don't you?Dangeroussssss.On Mon, Dec 8, 2008 at 8:32 PM, Alexcb <alexcb@xxxxxx <mailto:alexcb@xxxxxx>> wrote:yeah, everything in dsniff is very handy for those quick little hacks when you don't actually need a full server. And arpspoof is just so much fun :-) -Alex Alex Whittemore wrote: I wish it was as simple as using /etc/hosts. In fact, simply modifying /etc/hosts is no different from any of the things that could be done by employing a false DNS server, but for the purposes of the project, an actual dns server has to be involved (or, as Alex Bernson suggests, a DNS forwarder that spoofs some responses). So in fact, I'll probably try Ryan's suggestion first, just because the bind server is already set up and (at least mostly) configured correctly, but failing that I'll jump ship to Alex's suggestion, which is really what I needed in the first place (so thanks a bunch, that pretty much solves the problem :). Thanks, Alex On Mon, Dec 8, 2008 at 8:13 PM, Ryan Mullen <rmullen@xxxxxx <mailto:rmullen@xxxxxx> <mailto:rmullen@xxxxxx <mailto:rmullen@xxxxxx>>> wrote: Alternatively, if you don't even specifically need DNS and just want to look up by names, the /etc/hosts file should work just fine - though that's probably way too simplistic. On Mon, 8 Dec 2008, Alexcb wrote: If you don't actually need to have a dns server running and just want to redirect a few domains, the dnsspoof program from the dsniff package might be a simpler solution. It allows you to redirect whatever domains you set in a simple text config, while forwarding all other requests on to a proper DNS server. https://calomel.org/dns_spoof.html Maybe not a great long term solution, but if it's just for a quick project/testing, it's way easier than mucking around with Bind. -Alex Bernson Alex Whittemore wrote: Hey linux user group! I am working on a project which requires me to have a DNS server configured and serving bogus information. Let's take the example of google. I have my DNS server all set up (in my basement at home, yay basement server farms) and it's perfectly capible of handling regular DNS requests for domains whose proper NS records (with whatever root name servers) point to it. What I need it to do, however, is also serve requests for example for www.google.com <http://www.google.com> <http://www.google.com> <http://www.google.com>. That is to say, if I tell my laptop to use it as a primary DNS server, I need my laptop to draw an A record for www.google.com <http://www.google.com> <http://www.google.com> <http://www.google.com> from MY name server, not query a.root-servers.net <http://a.root-servers.net> <http://a.root-servers.net> <http://a.root-servers.net> for an NS record, then NS1.google.com <http://NS1.google.com> <http://NS1.google.com> <http://NS1.google.com> for an A record. I've configured my dns server to do this, but I don't know how to make it authoritative - for some reason it just seems to serve the correct records even when I edit its db.root to tell it that a.root-servers.net <http://a.root-servers.net> <http://a.root-servers.net> <http://a.root-servers.net> is the only root level dns server, and that it's ip is the name server's itself. Any ideas on how to get this rockin'? I can email config files if you like. For general info, the system is a ubuntu 8.04 box with bind-chroot installed (bind9) Alex _________ BU LUG: http://lug.bu.edu. To unsubscribe, email bulug-list-request@xxxxxxxxxxxxx <mailto:bulug-list-request@xxxxxxxxxxxxx> <mailto:bulug-list-request@xxxxxxxxxxxxx <mailto:bulug-list-request@xxxxxxxxxxxxx>> with 'unsubscribe' in the subject field. _________ BU LUG: http://lug.bu.edu. To unsubscribe, email bulug-list-request@xxxxxxxxxxxxx <mailto:bulug-list-request@xxxxxxxxxxxxx> <mailto:bulug-list-request@xxxxxxxxxxxxx <mailto:bulug-list-request@xxxxxxxxxxxxx>> with 'unsubscribe' in the subject field. _________ BU LUG: http://lug.bu.edu. To unsubscribe, email bulug-list-request@xxxxxxxxxxxxx <mailto:bulug-list-request@xxxxxxxxxxxxx> with 'unsubscribe' in the subject field.
_________ BU LUG: http://lug.bu.edu. To unsubscribe, email bulug-list-request@xxxxxxxxxxxxx with 'unsubscribe' in the subject field.
