DNSSPOOF(8) System Manager's Manual DNSSPOOF(8)
NAME
dnsspoof - forge replies to DNS address / pointer queries
SYNOPSIS
dnsspoof [-i interface] [-f hostsfile] [expression]
DESCRIPTION
dnsspoof forges replies to arbitrary DNS address / pointer queries on the LAN. This is useful in bypassing hostname-based access controls,
or in implementing a variety of man-in-the-middle attacks.
OPTIONS
-i interface
Specify the interface to use.
-f hostsfile
Specify the pathname of a file in hosts(5) format. Only one hostname allowed per line (no aliases), although hostnames may contain
wildcards (such as *.doubleclick.net).
expression
Specify a tcpdump(8) filter expression to select traffic to sniff.
If no hostsfile is specified, replies will be forged for all address queries on the LAN with an answer of the local machine's IP address.
FILES
/usr/share/dsniff/dnsspoof.hosts
Sample hosts file.
SEE ALSO
dsniff(8), hosts(5)
AUTHOR
Dug Song <dugsong@monkey.org>
DNSSPOOF(8)
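Added example, not part of dsniff or of this manual: Python code a defender could run over DNS response logs to find the two traces described above, a query that received two different answers and, in the default no-hostsfile mode, one LAN address returned for many unrelated names. It assumes the genuine server's reply still reaches the sensor; the log line format, the sample data and the 10.0.0.0/24 network are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample, not real capture data. One DNS A-record response per
# line, in an assumed format: "<client> <txid> <qname> <answer_ip>".
SAMPLE = """\
10.0.0.23 0x1a2b www.example.com 93.184.216.34
10.0.0.23 0x1a2b www.example.com 10.0.0.66
10.0.0.23 0x2c3d mail.example.org 10.0.0.66
10.0.0.40 0x0f10 intranet.example.net 10.0.0.66
10.0.0.40 0x0f11 files.example.net 10.0.0.5
"""

def parse(text):
    """Return a list of (client, txid, qname, answer) tuples."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed lines
        client, txid, qname, answer = fields
        rows.append((client, int(txid, 16), qname.lower().rstrip("."),
                     ipaddress.ip_address(answer)))
    return rows

def conflicting_replies(rows):
    """Queries that received more than one distinct answer for the same ID."""
    seen = defaultdict(set)
    for client, txid, qname, answer in rows:
        seen[(client, txid, qname)].add(answer)
    return {k: sorted(v, key=str) for k, v in seen.items() if len(v) > 1}

def lan_answer_fanout(rows, lan, min_names=3):
    """LAN addresses returned as the answer for many unrelated names."""
    net = ipaddress.ip_network(lan)
    names = defaultdict(set)
    for _client, _txid, qname, answer in rows:
        if answer in net:
            names[answer].add(qname)
    return {ip: sorted(n) for ip, n in names.items() if len(n) >= min_names}

if __name__ == "__main__":
    rows = parse(SAMPLE)
    print(conflicting_replies(rows))
    print(lan_answer_fanout(rows, "10.0.0.0/24"))
```

Internal servers that legitimately host many names will also appear in the fan-out result, so compare flagged addresses against the list of known servers.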
ARPSPOOF(8) System Manager's Manual ARPSPOOF(8)
NAME
arpspoof - intercept packets on a switched LAN
SYNOPSIS
arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host
DESCRIPTION
arpspoof redirects packets from a target host (or all hosts) on the LAN intended for another host on the LAN by forging ARP replies. This
is an extremely effective way of sniffing traffic on a switch.
Kernel IP forwarding (or a userland program which accomplishes the same, e.g. fragrouter(8)) must be turned on ahead of time.
OPTIONS
-i interface
Specify the interface to use.
-c own|host|both
Specify which hardware address to use when restoring the ARP configuration; while cleaning up, packets can be sent with the own
address as well as with the address of the host. Sending packets with a fake hw address can disrupt connectivity with certain
switch/ap/bridge configurations, however it works more reliably than using the own address, which is the default way arpspoof cleans
up afterwards.
-t target
Specify a particular host to ARP poison (if not specified, all hosts on the LAN). Repeat to specify multiple hosts.
-r
Poison both hosts (host and target) to capture traffic in both directions. (Only valid in conjunction with -t.)
host
Specify the host you wish to intercept packets for (usually the local gateway).
SEE ALSO
dsniff(8), fragrouter(8)
AUTHOR
Dug Song <dugsong@monkey.org>
ARPSPOOF(8)
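Added example, not part of dsniff or of this manual: Python code a defender could run over a log of observed ARP replies to surface the effects described above, an IP address whose hardware address changes (poisoning, then the restore done on cleanup) and a single hardware address answering for both the gateway and a client (the -r case). The log line format, addresses and timestamps are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample, not real capture data. One observed ARP reply per line,
# in an assumed format: "<seconds> <sender_ip> <sender_mac>".
SAMPLE = """\
0   192.168.1.1  00:11:22:33:44:55
1   192.168.1.20 66:77:88:99:aa:bb
30  192.168.1.1  de:ad:be:ef:00:01
30  192.168.1.20 de:ad:be:ef:00:01
32  192.168.1.1  de:ad:be:ef:00:01
90  192.168.1.1  00:11:22:33:44:55
"""

def parse(text):
    """Return (time, ip, mac) tuples in time order."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 3:  # skip blank or malformed lines
            rows.append((float(fields[0]), fields[1], fields[2].lower()))
    return sorted(rows)

def binding_changes(rows):
    """(time, ip, old_mac, new_mac) each time an IP is announced with a new MAC."""
    current, changes = {}, []
    for ts, ip, mac in rows:
        old = current.get(ip)
        if old is not None and old != mac:
            changes.append((ts, ip, old, mac))
        current[ip] = mac
    return changes

def shared_macs(rows):
    """Hardware addresses that have answered for more than one IP address."""
    ips = defaultdict(set)
    for _ts, ip, mac in rows:
        ips[mac].add(ip)
    return {mac: sorted(v) for mac, v in ips.items() if len(v) > 1}

if __name__ == "__main__":
    rows = parse(SAMPLE)
    for change in binding_changes(rows):
        print("binding changed:", change)
    print("shared:", shared_macs(rows))
```

Router failover protocols, proxy ARP and replaced network cards produce the same signals, so treat a hit as a prompt to check the switch port behind the new hardware address.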