Update the bind zone file [on hold]
My idea was to put a raspberry pi 3 between a host and a router making a bridge between eth0 (host) and a usb ethernet adapter eth1 (router), I used the bridge utility and not the iptables utility:
- I want to intercept every DNS request from the host, and if it matches with a specific hostname send back a DNS response containing a fake ip address pointing to a cloned website, I'm talking about DNS hijacking.
The problem is that in the bind zone file I have to give an A association with the ip and I don't know it if I will host the website on a rented VPS, and the only way to know the ip is to make a DNS request for it, but in this case I have to update manually the bind zone file, and I can't, are there other ways of doing this?
I noticed that the router gives an ip to the bridge, is it assigned from the router through DHCP?
networking dns raspberry-pi bind
edited 23 hours ago
Michael Prokopec
1,001116
asked yesterday
Matteo Morawski
1
New contributor
Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
put on hold as too broad by Ipor Sircer, Rui F Ribeiro, Shadur, JigglyNaga, Mr Shunz 14 hours ago
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
My idea was to put a raspberry pi 3 between a host and a router making a bridge between eth0 (host) and a usb ethernet adapter eth1 (router), I used the bridge utility and not the iptables utility:
- I want to intercept every DNS request from the host, and if it matches with a specific hostname send back a DNS response containing a fake ip address pointing to a cloned website, I'm talking about DNS hijacking.
The problem is that in the bind zone file I have to give an A association with the ip and I don't know it if I will host the website on a rented VPS, and the only way to know the ip is to make a DNS request for it, but in this case I have to update manually the bind zone file, and I can't, are there other ways of doing this?
I noticed that the router gives an ip to the bridge, is it assigned from the router through DHCP?
networking dns raspberry-pi bind
edited 23 hours ago
Michael Prokopec
1,001116
asked yesterday
Matteo Morawski
1
New contributor
Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
put on hold as too broad by Ipor Sircer, Rui F Ribeiro, Shadur, JigglyNaga, Mr Shunz 14 hours ago
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
– Shadur
20 hours ago
add a comment |
My idea was to put a raspberry pi 3 between a host and a router making a bridge between eth0 (host) and a usb ethernet adapter eth1 (router), I used the bridge utility and not the iptables utility:
- I want to intercept every DNS request from the host, and if it matches with a specific hostname send back a DNS response containing a fake ip address pointing to a cloned website, I'm talking about DNS hijacking.
The problem is that in the bind zone file I have to give an A association with the ip and I don't know it if I will host the website on a rented VPS, and the only way to know the ip is to make a DNS request for it, but in this case I have to update manually the bind zone file, and I can't, are there other ways of doing this?
I noticed that the router gives an ip to the bridge, is it assigned from the router through DHCP?
networking dns raspberry-pi bind
edited 23 hours ago
Michael Prokopec
1,001116
asked yesterday
Matteo Morawski
1
New contributor
Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
My idea was to put a raspberry pi 3 between a host and a router making a bridge between eth0 (host) and a usb ethernet adapter eth1 (router), I used the bridge utility and not the iptables utility:
- I want to intercept every DNS request from the host, and if it matches with a specific hostname send back a DNS response containing a fake ip address pointing to a cloned website, I'm talking about DNS hijacking.
The problem is that in the bind zone file I have to give an A association with the ip and I don't know it if I will host the website on a rented VPS, and the only way to know the ip is to make a DNS request for it, but in this case I have to update manually the bind zone file, and I can't, are there other ways of doing this?
I noticed that the router gives an ip to the bridge, is it assigned from the router through DHCP?
networking dns raspberry-pi bind
networking dns raspberry-pi bind
edited 23 hours ago
Michael Prokopec
1,001116
asked yesterday
Matteo Morawski
1
New contributor
Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 23 hours ago
Michael Prokopec
1,001116
asked yesterday
Matteo Morawski
1
New contributor
Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 23 hours ago
Michael Prokopec
1,001116
edited 23 hours ago
Michael Prokopec
1,001116
edited 23 hours ago
Michael Prokopec
1,001116
1,001116
asked yesterday
Matteo Morawski
1
New contributor
Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked yesterday
Matteo Morawski
1
asked yesterday
Matteo Morawski
1
1
New contributor
Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
put on hold as too broad by Ipor Sircer, Rui F Ribeiro, Shadur, JigglyNaga, Mr Shunz 14 hours ago
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
put on hold as too broad by Ipor Sircer, Rui F Ribeiro, Shadur, JigglyNaga, Mr Shunz 14 hours ago
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
– Shadur
20 hours ago
add a comment |
Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
– Shadur
20 hours ago
Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
– Shadur
20 hours ago
Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
– Shadur
20 hours ago
add a comment |
1 Answer
1
active
oldest
votes
Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.
If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.
answered yesterday
user1133275
2,816519
"but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
– Matteo Morawski
19 hours ago
@MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
– user1133275
18 hours ago
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.
If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.
answered yesterday
user1133275
2,816519
"but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
– Matteo Morawski
19 hours ago
@MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
– user1133275
18 hours ago
add a comment |
Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.
If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.
answered yesterday
user1133275
2,816519
"but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
– Matteo Morawski
19 hours ago
@MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
– user1133275
18 hours ago
add a comment |
Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.
If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.
answered yesterday
user1133275
2,816519
Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.
If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.
answered yesterday
user1133275
2,816519
answered yesterday
user1133275
2,816519
answered yesterday
user1133275
2,816519
answered yesterday
user1133275
2,816519
2,816519
"but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
– Matteo Morawski
19 hours ago
@MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
– user1133275
18 hours ago
add a comment |
"but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
– Matteo Morawski
19 hours ago
@MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
– user1133275
18 hours ago
"but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
– Matteo Morawski
19 hours ago
"but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
– Matteo Morawski
19 hours ago
@MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
– user1133275
18 hours ago
@MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
– user1133275
18 hours ago
add a comment |
Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
– Shadur
20 hours ago