by Joe Stewart
hacked up by
RobertDanford (robert {AT} servalens.com)
FauxDNS is a fake DNS responder. There are many uses for this.
- Emulating Services for a Sandbox environment
- DNS Sinkholes
- Log requests to specific Domains (spamtraps, etc)
You can download FauxDNS here:
FauxDns.pl or as the attachment below.
Usage Notes:
Script needs more work and will be updated on an ongoing basis. Future version may use libnet/libpcap instead of sockets for performance/flexibility.
All configurable options are partway through the script below the text "CONFIGUREME"
You can bind to a specific IP or to 0.0.0.0/ANY.
logfile is fairly compact at 1 line per DNS request. debug = 1 causes fairly verbose messages on STDOUT.
Currently runs in the foreground.
Set target_ip to the IP address that should be returned in all responses.
listen_(udp|tcp) is provided for custom setups where 53 may already be bound.
Feel free to post requests, bugs, logs here or email them to me directly.
--
RobertDanford - 19 Apr 2007
Feature Requests /
ToDo?
- allow a table or rules to return different IPs based upon what was requested
- log the inbound IP
--
MattJonkman - 19 Apr 2007
Main Web
Show attachments
Hide attachments
txt 
Main Web
Create New Topic
Index
Search
Changes
Preferences
