lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed Jun 28 00:57:30 2006
From: joel at helgeson.com (Joel R. Helgeson)
Subject: DNS poisoning

No way to do that I know of on the DNS server itself, you could place a 
router in front of the DNS server that will perform a source based NAT 
translation to send the traffic to the poisoned server. Otherwise, you could 
simply place entries into the hosts file on the target machine so that the 
specific requests will never get resolved via DNS.

Joel
----- Original Message ----- 
From: "Saeed Abu Nimeh" <drellman@...mail.com>
To: <full-disclosure@...ts.grok.org.uk>
Sent: Tuesday, June 27, 2006 4:47 PM
Subject: [Full-disclosure] DNS poisoning


> Is there a way to do dns poisoning and make the poisoned server provide
> legitimate queries when doing dns lookup. Example: Assume I am running a
> poisoned dns server, when user X does lookup yahoo.com or dig yahoo.com
> I reply with legit yahoo entries, however, when user Y does the same
> thing I provide fake or spoofed entires.
> Thanks,
> Saeed
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/ 

Powered by blists - more mailing lists