DNSSPOOF(8) System Manager's Manual DNSSPOOF(8)
NAME
dnsspoof - forge replies to DNS address / pointer queries
SYNOPSIS
dnsspoof [-i interface] [-f hostsfile] [expression]
DESCRIPTION
dnsspoof forges replies to arbitrary DNS address / pointer queries on the LAN. This is useful in bypassing hostname-based access controls,
or in implementing a variety of man-in-the-middle attacks.
OPTIONS
-i interface
Specify the interface to use.
-f hostsfile
Specify the pathname of a file in hosts(5) format. Only one hostname allowed per line (no aliases), although hostnames may contain
wildcards (such as *.doubleclick.net).
expression
Specify a tcpdump(8) filter expression to select traffic to sniff.
If no hostsfile is specified, replies will be forged for all address queries on the LAN with an answer of the local machine's IP address.
FILES
/usr/share/dsniff/dnsspoof.hosts
Sample hosts file.
SEE ALSO
dsniff(8), hosts(5)
AUTHOR
Dug Song <dugsong@monkey.org>
DNSSPOOF(8)
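From the defender's side, the two behaviours described above leave recognisable traces in a log of DNS replies; the following is an added example, not part of the man page or of dsniff. It assumes a constructed record format (time, client, transaction id, name, answer address), assumes the genuine server's reply still reaches the client alongside the forged one, and uses a hypothetical threshold `min_names`.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of observed DNS A-record replies:
# (time, client, transaction id, queried name, address in the answer)
SAMPLE = [
    (1.00, "192.168.1.20", 0x1A2B, "www.example.com", "192.168.1.66"),
    (1.02, "192.168.1.20", 0x1A2B, "www.example.com", "203.0.113.10"),
    (2.00, "192.168.1.20", 0x1A2C, "mail.example.org", "192.168.1.66"),
    (2.03, "192.168.1.20", 0x1A2C, "mail.example.org", "198.51.100.7"),
    (3.00, "192.168.1.21", 0x0042, "updates.example.net", "192.168.1.66"),
    (4.00, "192.168.1.21", 0x0043, "printer.lan.example", "192.168.1.30"),
]


def conflicting_replies(records):
    """Queries that received more than one reply with different addresses.

    A forged reply racing the genuine one shows up as two answers for the
    same client, transaction id and name.
    """
    answers = defaultdict(set)
    for _, client, txid, qname, addr in records:
        answers[(client, txid, qname.lower())].add(addr)
    return {q: sorted(a) for q, a in answers.items() if len(a) > 1}


def catch_all_hosts(records, lan, min_names=3):
    """LAN addresses returned as the answer for many unrelated names.

    With no hostsfile, every address query is answered with the forging
    machine's own IP, so one LAN host appears behind many names.
    """
    net = ipaddress.ip_network(lan)
    names = defaultdict(set)
    for _, _, _, qname, addr in records:
        if ipaddress.ip_address(addr) in net:
            names[addr].add(qname.lower())
    return {a: sorted(n) for a, n in names.items() if len(n) >= min_names}


if __name__ == "__main__":
    for query, addrs in conflicting_replies(SAMPLE).items():
        print("conflicting replies:", query, addrs)
    for addr, names in catch_all_hosts(SAMPLE, "192.168.1.0/24").items():
        print("catch-all answer:", addr, names)
```
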
Check Out this Related Man Page
DSNIFF(8) System Manager's Manual DSNIFF(8)
NAME
dsniff - password sniffer
SYNOPSIS
dsniff [-c] [-d] [-m] [-n] [-i interface | -p pcapfile] [-s snaplen] [-f services] [-t trigger[,...]] [-r|-w savefile] [expression]
DESCRIPTION
dsniff is a password sniffer which handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP,
NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer,
Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL protocols.
dsniff automatically detects and minimally parses each application protocol, only saving the interesting bits, and uses Berkeley DB as its
output file format, only logging unique authentication attempts. Full TCP/IP reassembly is provided by libnids(3).
I wrote dsniff with honest intentions - to audit my own network, and to demonstrate the insecurity of cleartext network protocols. Please
do not abuse this software.
OPTIONS
-c Perform half-duplex TCP stream reassembly, to handle asymmetrically routed traffic (such as when using arpspoof(8) to intercept
client traffic bound for the local gateway).
-d Enable debugging mode.
-m Enable automatic protocol detection.
-n Do not resolve IP addresses to hostnames.
-i interface
Specify the interface to listen on.
-p pcapfile
Rather than processing the contents of packets observed upon the network, process the given PCAP capture file.
-s snaplen
Analyze at most the first snaplen bytes of each TCP connection, rather than the default of 1024.
-f services
Load triggers from a services file.
-t trigger[,...]
Load triggers from a comma-separated list, specified as port/proto=service (e.g. 80/tcp=http).
-r savefile
Read sniffed sessions from a savefile created with the -w option.
-w savefile
Write sniffed sessions to savefile rather than parsing and printing them out.
expression
Specify a tcpdump(8) filter expression to select traffic to sniff.
On a hangup signal dsniff will dump its current trigger table to dsniff.services.
FILES
/usr/share/dsniff/dsniff.services
Default trigger table
/usr/share/dsniff/dsniff.magic
Network protocol magic
SEE ALSO
arpspoof(8), libnids(3), services(5), magic(5)
AUTHOR
Dug Song <dugsong@monkey.org>
BUGS
dsniff's automatic protocol detection feature is based on the classic file(1) command by Ian Darwin, and shares its historical limitations
and bugs.
DSNIFF(8)