Configure DNS Spoofing

ranjeet_badhe · 10-23-2009, 07:40 AM

I want to configure DNS spoofing on Redhat Linux Server .Requirement is ,any name resolution query coming to DNS server must point to a external server which is hosting web application for service activiation.

Request to all readers to share details how to configure DNS spoofing on Red Hat Linux server.

Regards
Ranjeet Badhe

janoszen · 10-24-2009, 04:38 PM

This sure looks like something you need: https://calomel.org/dns_spoof.html

Please let me ask: why are you implementing something that awkward? You should control such things on an application level insted of hacking your DNS. Maybe use a proxy server?

ranjeet_badhe · 10-25-2009, 01:22 AM

Quote:

Originally Posted by janoszen

This sure looks like something you need: https://calomel.org/dns_spoof.html

Please let me ask: why are you implementing something that awkward? You should control such things on an application level insted of hacking your DNS. Maybe use a proxy server?

Well I am testing provisioning of cable modem prepaid services.My test bed has Activiation webserver ,Billing server,CMTS ,and Cisco CNR DHCP server.When a customer starts browsing he gets ip address initally.The customer is required to get directed towards Service provders portal.Here DNS spoofing will direct him to towards the login web page irrespective of the URL customer is trying to browse.Once he is authenticated he can get webaccess.

DNS spoofing plays important rule here ,without this it is not possible to redirect him to ISP home page.

Regards
Ranjeet

janoszen · 10-26-2009, 04:13 AM

Using DNS spoofing as a security measure is a bad idea since anybody can just use a different DNS server. You need a firewall redirect of all web trafic to your gateway server.

win32sux · 10-26-2009, 05:53 AM

I second janoszen's suggestion. Also, have you looked for already existing applications that do this sort of thing? Depending on your project constraints, using such a solution might be a better option than reinventing the wheel.

An example of using iptables to do the redirection janoszen mentioned is:

Code:

iptables -t nat -A PREROUTING -p TCP -i $LAN_IFACE --dport 80 -j REDIRECT

Here, HTTP requests would get redirected to the HTTP daemon on the firewall itself. You'd need to handle filtering in the FORWARD chain too, though. The way to do that would depend on what the overall approach would be. For example, you might choose to have a FORWARD/ACCEPT rule be implemented with the client's MAC/IP addresses when they log in, and have the rule removed when they log out (or time out). In other words, the kinda stuff which hotspot software does for you.