if the network is rather small, another method would be to use dsniff package + dnsspoof (or modify the code for ur needs) to return all dns requests to ur bad box and let all the legitimate hosts pass through ...
u could probably use pcap + Net::DNS to accomplish the same thing or another method ... but then using direct IPs without resolving would defeat the purpose as the firewall would probably let the request go through.

- jon

----- Original Message -----
From: "Julian Bleecker" <[EMAIL PROTECTED]>
To: "Kevin Arima" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, September 05, 2003 9:05 AM
Subject: Re: [nycwireless] trivial dns

> Yeah, I was working on that, too. Here's the part that I didn't describe -
> sometimes this network isn't on the "public" internet and i'd like to let
> people know such. So, rather than getting a connection failed error, or an
> error that the server couldn't be found, or such a thing as one may get when
> off the internet, they'd get a page that explained the situation.
>
> As I understand it, the first thing that the client would do would attempt
> to resolve the name, right? Which it wouldn't be able to do if it wasn't
> already cached, wasn't in the host table, or wasn't able to get to a name
> server somewhere. Is this right?
>
> .julian.
>
> On 9/5/03 8:57 AM, "Kevin Arima" <[EMAIL PROTECTED]> said to me that:
>
> > On Fri, 5 Sep 2003, Julian Bleecker wrote:
> >
> >> Yeah, I've seen the kit, and this particular distribution, but to the best
> >> of my knowledge, there is nothing particular about this distro that makes it
> >> show the kind of splash page I'm referring to.
> >>
> >> What I think I need to do is have a custom DNS service that replies to name
> >> resolution in a particular way. So, on my small network i'd have DNS queries
> >> go to my own trivial DNS and resolve the IP to something other than the
> >> "real" address.
> >>
> >
> > That's not how you do it. Doing that way is bad, because the client
> > caches the reply. What you do is IPTables Redirect to the local webserver
> > until the client is "authenticated".
> >
> > Kevin "Starfox" Arima
> > --
> > NYCwireless - http://www.nycwireless.net/
> > Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/
> > Archives: http://lists.nycwireless.net/pipermail/nycwireless/
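
Added example, not part of the original thread: a dry-run shell script for the redirect approach Kevin Arima describes in the quoted message, where port-80 traffic from unauthenticated clients is redirected to a local web server while DNS answers stay genuine, so clients cache nothing false. The interface `wlan0`, port `8080`, the chain names `PORTAL` and `PORTAL_FWD`, exemption by MAC address and the sample MAC are assumptions.

```shell
#!/bin/sh
# Added example: captive-portal redirect rules, printed as text (dry run).
# Assumed values, not from the thread: wlan0, port 8080, chain names.
LAN_IF=wlan0
PORTAL_PORT=8080

# Print the base rules. nat/PORTAL redirects unauthenticated HTTP to the
# local web server; filter/PORTAL_FWD lets real DNS through (clients only
# ever cache genuine answers) and drops every other forwarded packet.
portal_base_rules() {
cat <<EOF
iptables -t nat -N PORTAL
iptables -t nat -A PREROUTING -i $LAN_IF -j PORTAL
iptables -t nat -A PORTAL -p tcp --dport 80 -j REDIRECT --to-ports $PORTAL_PORT
iptables -N PORTAL_FWD
iptables -A FORWARD -i $LAN_IF -j PORTAL_FWD
iptables -A PORTAL_FWD -p udp --dport 53 -j ACCEPT
iptables -A PORTAL_FWD -p tcp --dport 53 -j ACCEPT
iptables -A PORTAL_FWD -j DROP
EOF
}

# Print the rules that exempt one authenticated client, identified by MAC.
# They are inserted at position 1 so they match before REDIRECT and DROP.
# Returns 1 with no output if the MAC is malformed, so unchecked input
# from the portal's web form never reaches an iptables command line.
portal_allow_rules() {
    mac=$1
    case $mac in *[!0-9A-Fa-f:]*) return 1 ;; esac
    printf '%s\n' "$mac" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || return 1
cat <<EOF
iptables -t nat -I PORTAL 1 -m mac --mac-source $mac -j RETURN
iptables -I PORTAL_FWD 1 -m mac --mac-source $mac -j ACCEPT
EOF
}

portal_base_rules
portal_allow_rules "00:11:22:33:44:55"   # constructed sample MAC
```

The functions only print rules; pipe the output to `sh` as root to apply them. A MAC address can be copied by another client on the same link, so the exemption identifies a network session rather than a user.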
