user123456

Asked: 2017-03-23 11:23:35 +0800 CST2017-03-23 11:23:35 +0800 CST 2017-03-23 11:23:35 +0800 CST

Which iptables rules allow me to fake a remote DNS answer with a local DNS running on the router?

A machine has a DNS set to 8.8.8.8
The network router has an ad hoc DNS running (say dnsmasq)

Which iptables rules allows to fake the response from the remote server 8.8.8.8 with the local router DNS?

For instance, if the router DNS is associating google.fr to the IP of google.co.uk, I want to be able to see this from the router (192.168.1.2 is the ansewer)

# dnsspoof
192.168.1.2.38072 > 8.8.8.8.53:  31752+ A? google.fr
8.8.8.8.53 > 192.168.1.2.38072: 31752+ A google.co.uk

1 Answers

Voted

user123456

2017-03-23T13:10:41+08:002017-03-23T13:10:41+08:00

iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to 127.0.0.1
[...]

Which iptables rules allow me to fake a remote DNS answer with a local DNS running on the router?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?