LinuxQuestions.org
Old 02-08-2016, 09:16 AM   #1
Spinsq
LQ Newbie
 
Registered: Feb 2016
Posts: 3

DNS spoofing / DNS forgery


Hi all,

I have a DNS server that is master for some public domains. We also have clients that use the DNS server as their lookup server.
For security issues we use dnsmasq to redirect some sites to a webpage that indicates that the site is not accepted.
I have set dnsmasq before the named service. But this means that all internet clients can use our DNS server to query requests, which is not good. I want to restrict the possible query requests to only our client networks.
I had a filter set up under the named service:
allow-recursion { localhost; x.x.x.x/24; y.y.y.y/24; };
Dnsmasq uses port 53, and if no match is made on the blocked list it forwards the request to itself on port 5353, where the named.service runs.
The named service sees the request as coming from localhost and does the recursion.

I have asked if this is possible with dnsmasq but no positive response so far. Does anyone know any other solution that might work? If something is unclear then I can explain in more detail.

Distro:
Fedora release 17 (Beefy Miracle)
NAME=Fedora
VERSION="17 (Beefy Miracle)"
ID=fedora
VERSION_ID=17
PRETTY_NAME="Fedora 17 (Beefy Miracle)"
ANSI_COLOR="0;34"
CPE_NAME="cpe:/o:fedoraproject:fedora:17"
Fedora release 17 (Beefy Miracle)
Fedora release 17 (Beefy Miracle)


Best Regards
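The ACL problem described in the post above, modelled as an added example (not code from the thread): a source-address check behind a local forwarder only ever sees 127.0.0.1, so the check has to run at the listener on port 53. The networks, zone names and function names are constructed assumptions.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the thread).
CLIENT_NETS = [ipaddress.ip_network(n)
               for n in ("127.0.0.0/8", "192.0.2.0/24", "198.51.100.0/24")]
AUTH_ZONES = ("example.org",)       # zones the server is master for
BLOCKED = ("blocked.example",)      # names redirected to the block page


def in_zone(qname, zones):
    """True if qname equals, or is a subdomain of, any zone in zones."""
    name = qname.rstrip(".").lower()
    return any(name == z or name.endswith("." + z) for z in zones)


def acl_allows(src_ip):
    """Source-address match, the kind of test allow-recursion performs."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in net for net in CLIENT_NETS)


def backend_only(client_ip, qname):
    """Setup from the post: the forwarder relays every non-blocked query,
    so the ACL is evaluated against 127.0.0.1 and client_ip is never seen."""
    if in_zone(qname, BLOCKED):
        return "block-page"
    if in_zone(qname, AUTH_ZONES):
        return "authoritative"
    seen_by_named = "127.0.0.1"
    return "recurse" if acl_allows(seen_by_named) else "refused"


def front_end(client_ip, qname):
    """Same decisions taken at port 53, where the real source is visible."""
    if in_zone(qname, AUTH_ZONES):
        return "authoritative"      # public zones stay open to everyone
    if not acl_allows(client_ip):
        return "refused"            # no recursion for outside addresses
    if in_zone(qname, BLOCKED):
        return "block-page"
    return "recurse"
```

Any replacement for the forwarder has to make the `front_end` decision itself; the ACL on the service behind it cannot distinguish clients.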
 
Old 02-08-2016, 01:32 PM   #2
ugjka
Member
 
Registered: May 2015
Location: Latvia
Distribution: Arch, Centos
Posts: 368
Blog Entries: 5

Why Fedora 17?
 
Old 02-08-2016, 01:52 PM   #3
Spinsq
LQ Newbie
 
Registered: Feb 2016
Posts: 3

Original Poster
The server is a couple of years old and hasn't been upgraded yet.
Is there a new BIND version where what I want to achieve is possible?
 
Old 02-09-2016, 04:19 AM   #4
Spinsq
LQ Newbie
 
Registered: Feb 2016
Posts: 3

Original Poster
I found dnsdist. Does anyone have any experience with that?
 
  

