Full Disclosure mailing list archives
Re: DNS poisoning
From: "Joel R. Helgeson" <joel () helgeson com>
Date: Tue, 27 Jun 2006 18:57:15 -0500
No way to do that I know of on the DNS server itself, you could place a router in front of the DNS server that will perform a source based NAT translation to send the traffic to the poisoned server. Otherwise, you could simply place entries into the hosts file on the target machine so that the specific requests will never get resolved via DNS.
Joel----- Original Message ----- From: "Saeed Abu Nimeh" <drellman () hotmail com>
To: <full-disclosure () lists grok org uk> Sent: Tuesday, June 27, 2006 4:47 PM Subject: [Full-disclosure] DNS poisoning
Is there a way to do dns poisoning and make the poisoned server provide legitimate queries when doing dns lookup. Example: Assume I am running a poisoned dns server, when user X does lookup yahoo.com or dig yahoo.com I reply with legit yahoo entries, however, when user Y does the same thing I provide fake or spoofed entires. Thanks, Saeed _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- DNS poisoning Saeed Abu Nimeh (Jun 27)
- Re: DNS poisoning Valdis . Kletnieks (Jun 28)
- <Possible follow-ups>
- Re: DNS poisoning Joel R. Helgeson (Jun 27)
- Re: DNS poisoning Cardoso (Jun 27)
- Re: DNS poisoning Aaron Gray (Jun 27)