[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] DNS poisoning

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] DNS poisoning
From: "Joel R. Helgeson" <joel@xxxxxxxxxxxx>
Date: Tue, 27 Jun 2006 18:57:15 -0500

No way to do that I know of on the DNS server itself, you could place arouter in front of the DNS server that will perform a source based NATtranslation to send the traffic to the poisoned server. Otherwise, you couldsimply place entries into the hosts file on the target machine so that thespecific requests will never get resolved via DNS.


Joel

----- Original Message -----From: "Saeed Abu Nimeh" <drellman@xxxxxxxxxxx>

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Sent: Tuesday, June 27, 2006 4:47 PM
Subject: [Full-disclosure] DNS poisoning

Is there a way to do dns poisoning and make the poisoned server provide
legitimate queries when doing dns lookup. Example: Assume I am running a
poisoned dns server, when user X does lookup yahoo.com or dig yahoo.com
I reply with legit yahoo entries, however, when user Y does the same
thing I provide fake or spoofed entires.
Thanks,
Saeed

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html

Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] DNS poisoning
  - From: Cardoso

References:
- [Full-disclosure] DNS poisoning
  - From: Saeed Abu Nimeh

Prev by Date: [Full-disclosure] "Microsoft Office Excel 2003" Hlink Stack/SEH Overflow Exploit
Next by Date: Re: [Full-disclosure] Sniffing RFID ID's ( Physical Security )
Previous by thread: [Full-disclosure] DNS poisoning
Next by thread: Re: [Full-disclosure] DNS poisoning
Index(es):
- Date
- Thread