Vulnerability Development mailing list archives

Re: (lame) spoofing DNS with hosts files...


From: salo <salo () Xtrmntr org>
Date: Tue, 21 Aug 2001 05:33:24 +0200

hi there,

On Mon, Aug 20, 2001 at 08:24:14PM +0400, Mitino-PTT support wrote:
> i think first the operating system looks at the hosts file and then (if not true) makes
> a dns query

in fact this is not true (i do not know how it works in windows). this is only the
default configuration on hosts with dns-resolver-based lookups. the magical place where
it is all configured is /etc/nsswitch.conf, directive "hosts".

typically it looks as follows:

  hosts: files dns

this will cause the internal resolver to look into /etc/hosts first and only if
nothing appropriate is found there ask the first external resolver defined in
/etc/resolv.conf.

so if you want to skip /etc/hosts, simply change that line to:

  hosts: dns

and your host will always ask the external resolver for dns lookups. there are
other possibilities like asking the nis resolver, etc. -> man nsswitch.conf in your
favorite UNIX-like OS

it's not a bug or vulnerability,
it is a feature (which came from ancient times when there was no domain name
system on the Earth)

/etc/hosts is especially useful in small LANs without an external resolver/dns
server configured, etc.

> i think it is not a topic for this list

sure. this is a topic for "fundamentals of [insert your favorite OS here]"
and "newbie to dns".

> C:\WINDOWS>echo 192.168.1.2 www.hotmail.com >> hosts
>
> C:\WINDOWS>ping www.hotmail.com
>
> Pinging www.hotmail.com [192.168.1.2] with 32 bytes of data:
>
> Reply from 192.168.1.2: bytes=32 time=38ms TTL=255
>
> Ping statistics for 192.168.1.2:
>    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
> Approximate round trip times in milli-seconds:
>    Minimum = 38ms, Maximum =  38ms, Average =  38ms
> Control-C
>
>
> Tested the same thing under linux too... no surprises really I spose just
> something to ponder...

what about placing:

zone "." {
        type master;
        file "surprise";
};

into your 'named.conf' and then put:

*        IN A  127.0.0.1

into 'surprise' and starting bind? you have the whole internet on your desk!
great, isn't it? no, it is not. please read some documents describing how dns
resolving and the OS you are using work and get a clue about it.

thank you

-- 
--   salo <salo () Xtrmntr org>         ASCII Ribbon campaign against   /"\   --
--        <salo () silcnet org>         e-mail in gratuitous HTML and   \ /   --
--                                   Microsoft proprietary formats    X    --
--   http://Xtrmntr.org/salo.pgp                                     / \   --
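The lookup order salo describes, as an added example that is not part of the original post or of any code from the thread: it reads the "hosts" line of an nsswitch.conf, walks the sources in that order against a hosts table and an external resolver, and then audits the hosts file for entries that shadow a name the external resolver answers differently (the www.hotmail.com override from the post is the kind of entry a defender wants flagged). The two configuration files, the FAKE_DNS table and its address are constructed for the example; treating a missing "hosts:" line as "files dns" is an assumption of this script, not a statement about any particular libc.

```python
"""Simulate the nsswitch.conf 'hosts' lookup order and audit /etc/hosts overrides."""
from typing import Callable, Dict, List, Optional, Tuple

# Constructed sample configuration files; not copied from any real system.
NSSWITCH_SAMPLE = """\
# /etc/nsswitch.conf (constructed sample)
passwd:     files
hosts:      files [NOTFOUND=continue] dns
networks:   files
"""

HOSTS_SAMPLE = """\
# /etc/hosts (constructed sample)
127.0.0.1    localhost
::1          localhost ip6-localhost
192.168.1.2  www.hotmail.com         # same shape as the override shown in the post
10.0.0.5     intranet.corp.example   # LAN-only name with no public DNS record
"""

# Constructed stand-in for the external resolver listed in /etc/resolv.conf.
# The address is made up for the example (documentation range).
FAKE_DNS: Dict[str, str] = {"www.hotmail.com": "203.0.113.10"}

DnsLookup = Callable[[str], Optional[str]]


def parse_hosts_order(nsswitch_text: str) -> List[str]:
    """Return the lookup sources for the 'hosts' database, in the order listed.
    Bracketed action specs such as [NOTFOUND=return] are skipped: they steer
    what happens between sources, not which sources exist."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        db, sep, rest = line.partition(":")
        if sep and db.strip() == "hosts":
            return [tok for tok in rest.split() if not tok.startswith("[")]
    # Assumption for this example: treat a missing 'hosts:' line as 'files dns'.
    return ["files", "dns"]


def parse_hosts_file(hosts_text: str) -> Dict[str, str]:
    """Map every name (lower-cased) to the first address listed for it,
    which is the entry a 'files' lookup returns."""
    table: Dict[str, str] = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        addr, names = fields[0], fields[1:]
        for name in names:
            table.setdefault(name.lower(), addr)
    return table


def resolve(name: str, order: List[str], hosts_table: Dict[str, str],
            dns_lookup: DnsLookup) -> Optional[Tuple[str, str]]:
    """Walk the sources in nsswitch order; the first source with an answer wins.
    Returns (address, source) or None when nothing resolves."""
    key = name.lower()
    for source in order:
        if source == "files" and key in hosts_table:
            return hosts_table[key], "files"
        if source == "dns":
            addr = dns_lookup(key)
            if addr is not None:
                return addr, "dns"
    return None


def audit_hosts_file(hosts_table: Dict[str, str],
                     dns_lookup: DnsLookup) -> List[Tuple[str, str, str]]:
    """List hosts-file entries that shadow a name the external resolver also
    answers, but with a different address. Returns (name, hosts_addr, dns_addr)."""
    findings = []
    for name, addr in sorted(hosts_table.items()):
        dns_addr = dns_lookup(name)
        if dns_addr is not None and dns_addr != addr:
            findings.append((name, addr, dns_addr))
    return findings


if __name__ == "__main__":
    order = parse_hosts_order(NSSWITCH_SAMPLE)
    table = parse_hosts_file(HOSTS_SAMPLE)
    print("lookup order:", order)
    for n in ("www.hotmail.com", "intranet.corp.example"):
        print(n, "->", resolve(n, order, table, FAKE_DNS.get))
        print(n, "(dns only) ->", resolve(n, ["dns"], table, FAKE_DNS.get))
    for name, hosts_addr, dns_addr in audit_hosts_file(table, FAKE_DNS.get):
        print(f"override: {name} is {hosts_addr} in /etc/hosts but {dns_addr} in DNS")
```

With the sample files, "files dns" answers www.hotmail.com from /etc/hosts, while the "hosts: dns" order from the post skips the file and also makes the LAN-only name unresolvable. The audit function is what a host-hardening check would run: any public name whose hosts-file address disagrees with the resolver deserves a look.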

