On 8/9/07, Alex Samad <[EMAIL PROTECTED]> wrote: > On Thu, Aug 09, 2007 at 11:11:37AM +1000, Tony Sceats wrote: > > a rather novel and ultimately not recommended for production solution > > would be to use dns-spoof which is a part of the dsniff package - you > > can basically give it hosts file format file and a tcpdump regex and > > it will forge replies for you > > > > you would, of course, have to run it on your gateway machine for it to > > be effective (assuming you're on a switched network) > I run an internal dns (bind9), my problem is that the domain I want to forge > some answers for is hosted externally.
of course you are, sorry you mentioned it already - you could in fact run it on your DNS server very easily, but I think you'd end up with a race condition on the SOA replies from your DNS and the forged replies - could be fun to check :) > I was hoping there was was some way of pre filling the cache with information > that I had provided, give it a very long ttl so that it remains in the cache > and that would have done it. the idea with using this would be to basically not setup anything on your DNS server for the zone you want to partially take over, but then put the particular names you want to overwrite into a hosts file and then run dns-spoof with this file.. Anyway, it's a whole can of worms, and I really wouldn't recommend it unless you're absolutely against a wall - I only mentioned it because it's novel and fun - very easy too I must say good luck! > > > > > > > > > On 8/9/07, Ershad Shafi Chowdhury <[EMAIL PROTECTED]> wrote: > > > have you considered using the "hosts" file to resolve names internally? > > > its > > > ok for a couple of machines, but if you have hundreds, then views seems to > > > be the way to go. > > > > > > On 8/9/07, Alex Samad <[EMAIL PROTECTED]> wrote: > > > > > > > > On Wed, Aug 08, 2007 at 06:22:46PM +1000, Sonia Hamilton wrote: > > > > > * On Wed, Aug 08, 2007 at 08:21:42AM +1000, Alex Samad wrote: > > > > > > I have a domain that is has its primary at dyndns.org. say > > > > example.com. when > > > > > > I am at home I would like my internal DNS server to service > > > > example.com by > > > > > > making a request to the proper NS servers. But for 1 or 2 select > > > > names ie say > > > > > > mail.example.com I would like my internal DNS to return values that > > > > > > I > > > > specify. > > > > > > > > > > I know mention of DJ Bernstein makes many froth at the mouth, but he > > > > > does have some useful tools. One of them, axfr-get [1] I think, allows > > > > > you to do a zone transfer and print out the results in bind compatible > > > > > format (or it could be another one of his tools). From there use a > > > > > script to change the required records, etc, etc. > > > > > > > > > > Dig might also be able to be used; also the O'Reilly DNS cookbook > > > > > probably has a section on how to do this using views. > > > > > > > > yeah looked at this, this was going to be my approach, but they do not > > > > allow > > > > AXFR (dig <domain> AXFR) from unknown sources... > > > > > > > > > > > > > > > > > > > > > > [1] http://cr.yp.to/djbdns/axfr-get.html > > > > > > > > > > -- > > > > > Sonia Hamilton | GNU/Linux - 'free' as in > > > > > . | free speech, not free beer. > > > > > -- > > > > > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > > > > > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > > > > > > > > > > > > > -----BEGIN PGP SIGNATURE----- > > > > Version: GnuPG v1.4.6 (GNU/Linux) > > > > > > > > iD8DBQFGuj0GkZz88chpJ2MRAne1AKCIjUykMXCXaUySw8q3apHmBZ2q7QCgutV5 > > > > DFO+fh4Iaq0IXrbfyj8JldU= > > > > =gv87 > > > > -----END PGP SIGNATURE----- > > > > > > > > -- > > > > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > > > > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > > > > > > > > > > > > > > > > -- > > > Ershad Chowdhury > > > [EMAIL PROTECTED] > > > -- > > > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > > > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > > > > > -- > > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFGuoRnkZz88chpJ2MRAu52AJ945HMMrd74FNYl7JAUjg7pEWCA/ACdH6US > 8u7JDiRrZ13VuFxeApjzlng= > =r10n > -----END PGP SIGNATURE----- > > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
