Search the Community
Showing results for tags 'dns server'.
Hello everyone, Today I have been playing with the SpoofDNS feature of the Packet Squirrel (payload 2). I noticed the following: > Redirection of spoofed URL works fine > Internet works fine > Internal resources by DNS name are not accessible (but can be pinged) This almost never causes problems on a private PC but might cause problems on a company network. The user is able to access the internet but can no longer access internal websites. For example, we host a ticket system on the network (tickets.company.nl) which, for example, was no longer accessible. All other internet DNS queries where resolved ok. SpoofDNS is standard on NAT network mode. This is fine. The client thus receives an IP address from the Packet Squirrel. The client first performs a DNS lookup at the Packet Squirrel and the Packet Squirrel routes it to the Spoofed IP if the requested DNS name is on the spoof list. If the name does not appear on the spoof list, I assume that the Packet Squirrel routes the client traffic through the company's DNS server. But I do not think that is the case because the internal resources are no longer available. Which DNS server does the Packet Squirrel use? And is there a fix so that internal resources can be reached. I have already tried to change the network mode to BRIDGE. Then internal resources can be reached again but logically the spoofing does not work because the client make the DNS request at the company DNS server and not at the Packet Squirrel anymore. I am very curious how this works. Hopefully you can help me? Thank you! Sincerely, Jarno
I set up my own web-server with an IPtables captive portal. Works fine if I'm connected to the internet, otherwise the clients don't get redirected because they can't reach the DNS server. So I was wondering if it would be plausible to run a simple DNS server on my own machine... It would also serve as a captive portal so it should answer the same IP to every request. 1) How is it plausible to set up my own DNS server? 2) Will the client who's connected to the AP try to reach my server on AP's port 53 ? Thanks in advance.