Security Basics mailing list archives
Re: Re: DNS Manipulation via IPTables or other means?
From: pksf () iment com
Date: 9 Nov 2006 22:33:31 -0000
Perhaps you could use iptables' DNAT mechanism to redirect DNS requests to a DNS "proxy server" that modified the responses, like HTTP requests are sometimes transparently (i.e., forcibly) proxied. I'm not sure if a DNS proxy can be built by configuring existing DNS servers (I tried intercepting certain sub-domains via BIND, but it seems BIND isn't designed for that), but you can always write code. If the load is light, it could be done in Perl (for example), otherwise compiled C (or C++, if you prefer that) would be needed.
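The approach suggested in this message, as an added example that is not code from the poster or the list: a small UDP DNS proxy on an administrator's own gateway that answers A queries for chosen sub-domains locally (a sinkhole) and relays everything else to the real resolver. It is written in Python rather than the Perl or C the message mentions; the zone name, addresses, port, interface and the iptables rule in the comment are all assumptions.

```python
# Assumed gateway rule steering LAN DNS to this listener (interface/port are placeholders):
#   iptables -t nat -A PREROUTING -i eth1 -p udp --dport 53 -j REDIRECT --to-ports 5353
import socket
import struct

SINKHOLE_ZONES = ("blocked.example.",)   # constructed: sub-domains answered locally
SINKHOLE_IP = "192.0.2.1"                # constructed: TEST-NET-1 address
UPSTREAM = ("198.51.100.53", 53)         # constructed: real resolver for everything else

def parse_question(msg):
    """Return (qname, qtype, end_offset) for the first question of a DNS message."""
    if len(msg) < 12 or struct.unpack("!H", msg[4:6])[0] < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while msg[pos]:                       # a zero length byte ends the name
        n = msg[pos]
        if n & 0xC0:
            raise ValueError("compressed name in question")
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii").lower())
        pos += 1 + n
    return ".".join(labels) + ".", struct.unpack("!H", msg[pos + 1:pos + 3])[0], pos + 5

def is_sinkholed(qname):
    return any(qname == z or qname.endswith("." + z) for z in SINKHOLE_ZONES)

def sinkhole_reply(query):
    """Build a local A answer for a sinkholed name, or None to forward upstream."""
    qname, qtype, end = parse_question(query)
    if qtype != 1 or not is_sinkholed(qname):   # only A records are rewritten
        return None
    # Same ID, QR=1, RD copied from the query, RA=1, one question, one answer.
    header = query[:2] + bytes([0x80 | (query[2] & 0x01), 0x80]) + struct.pack("!HHHH", 1, 1, 0, 0)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(SINKHOLE_IP)
    return header + query[12:end] + answer

def serve(listen=("0.0.0.0", 5353)):
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(listen)
    while True:
        query, client = sock.recvfrom(512)
        try:
            reply = sinkhole_reply(query)
            if reply is None:             # not ours: relay to the real resolver
                with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as up:
                    up.settimeout(2)
                    up.sendto(query, UPSTREAM)
                    reply = up.recv(4096)
        except (ValueError, IndexError, struct.error, OSError):
            continue                      # malformed packet or upstream timeout: drop
        sock.sendto(reply, client)
```

Calling `serve()` starts the listener. DNS over TCP and AAAA queries are not handled here, so sinkholed names queried that way still reach the upstream resolver.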