Update the bind zone file [on hold]












0














My idea was to put a raspberry pi 3 between a host and a router making a bridge between eth0 (host) and a usb ethernet adapter eth1 (router), I used the bridge utility and not the iptables utility:




  • I want to intercept every DNS request from the host, and if it matches with a specific hostname send back a DNS response containing a fake ip address pointing to a cloned website, I'm talking about DNS hijacking.


The problem is that in the bind zone file I have to give an A association with the ip and I don't know it if I will host the website on a rented VPS, and the only way to know the ip is to make a DNS request for it, but in this case I have to update manually the bind zone file, and I can't, are there other ways of doing this?



I noticed that the router gives an ip to the bridge, is it assigned from the router through DHCP?










share|improve this question









New contributor




Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











put on hold as too broad by Ipor Sircer, Rui F Ribeiro, Shadur, JigglyNaga, Mr Shunz 14 hours ago


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.















  • Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
    – Shadur
    20 hours ago
















0














My idea was to put a raspberry pi 3 between a host and a router making a bridge between eth0 (host) and a usb ethernet adapter eth1 (router), I used the bridge utility and not the iptables utility:




  • I want to intercept every DNS request from the host, and if it matches with a specific hostname send back a DNS response containing a fake ip address pointing to a cloned website, I'm talking about DNS hijacking.


The problem is that in the bind zone file I have to give an A association with the ip and I don't know it if I will host the website on a rented VPS, and the only way to know the ip is to make a DNS request for it, but in this case I have to update manually the bind zone file, and I can't, are there other ways of doing this?



I noticed that the router gives an ip to the bridge, is it assigned from the router through DHCP?










share|improve this question









New contributor




Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











put on hold as too broad by Ipor Sircer, Rui F Ribeiro, Shadur, JigglyNaga, Mr Shunz 14 hours ago


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.















  • Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
    – Shadur
    20 hours ago














0












0








0







My idea was to put a raspberry pi 3 between a host and a router making a bridge between eth0 (host) and a usb ethernet adapter eth1 (router), I used the bridge utility and not the iptables utility:




  • I want to intercept every DNS request from the host, and if it matches with a specific hostname send back a DNS response containing a fake ip address pointing to a cloned website, I'm talking about DNS hijacking.


The problem is that in the bind zone file I have to give an A association with the ip and I don't know it if I will host the website on a rented VPS, and the only way to know the ip is to make a DNS request for it, but in this case I have to update manually the bind zone file, and I can't, are there other ways of doing this?



I noticed that the router gives an ip to the bridge, is it assigned from the router through DHCP?










share|improve this question









New contributor




Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











My idea was to put a raspberry pi 3 between a host and a router making a bridge between eth0 (host) and a usb ethernet adapter eth1 (router), I used the bridge utility and not the iptables utility:




  • I want to intercept every DNS request from the host, and if it matches with a specific hostname send back a DNS response containing a fake ip address pointing to a cloned website, I'm talking about DNS hijacking.


The problem is that in the bind zone file I have to give an A association with the ip and I don't know it if I will host the website on a rented VPS, and the only way to know the ip is to make a DNS request for it, but in this case I have to update manually the bind zone file, and I can't, are there other ways of doing this?



I noticed that the router gives an ip to the bridge, is it assigned from the router through DHCP?







networking dns raspberry-pi bind






share|improve this question









New contributor




Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 23 hours ago









Michael Prokopec

1,001116




1,001116






New contributor




Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked yesterday









Matteo Morawski

1




1




New contributor




Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Matteo Morawski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




put on hold as too broad by Ipor Sircer, Rui F Ribeiro, Shadur, JigglyNaga, Mr Shunz 14 hours ago


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.






put on hold as too broad by Ipor Sircer, Rui F Ribeiro, Shadur, JigglyNaga, Mr Shunz 14 hours ago


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.














  • Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
    – Shadur
    20 hours ago


















  • Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
    – Shadur
    20 hours ago
















Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
– Shadur
20 hours ago




Apropos of everything else, BIND is massive overkill for what you want to do. Check out dnsdist.
– Shadur
20 hours ago










1 Answer
1






active

oldest

votes


















0














Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.



If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.






share|improve this answer





















  • "but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
    – Matteo Morawski
    19 hours ago












  • @MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
    – user1133275
    18 hours ago


















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.



If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.






share|improve this answer





















  • "but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
    – Matteo Morawski
    19 hours ago












  • @MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
    – user1133275
    18 hours ago
















0














Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.



If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.






share|improve this answer





















  • "but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
    – Matteo Morawski
    19 hours ago












  • @MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
    – user1133275
    18 hours ago














0












0








0






Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.



If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.






share|improve this answer












Hijacking is frowned upon so you would need to write your own tool to do them but it would only work for non SSL, non tunnelled requests so even then it would be not completely effective.



If you want to use a DNS server properly tell your router that your raspberrypi is the DNS to use and it will forward that to all your DHCP clients instead of whatever your router got from the isp.







share|improve this answer












share|improve this answer



share|improve this answer










answered yesterday









user1133275

2,816519




2,816519












  • "but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
    – Matteo Morawski
    19 hours ago












  • @MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
    – user1133275
    18 hours ago


















  • "but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
    – Matteo Morawski
    19 hours ago












  • @MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
    – user1133275
    18 hours ago
















"but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
– Matteo Morawski
19 hours ago






"but it would only work for non SSL" you mean it won't work if the ip for the site that i want to override is on HTTPS? but if i the dns server intercept the DNS query before it if even get in the router, how it can know if it is or not on SSL?, maybe my last question will result stupid, sincerely i dont know hot this stuff works
– Matteo Morawski
19 hours ago














@MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
– user1133275
18 hours ago




@MatteoMorawski en.m.wikipedia.org/wiki/DNS_over_TLS
– user1133275
18 hours ago



Popular posts from this blog

Accessing regular linux commands in Huawei's Dopra Linux

Can't connect RFCOMM socket: Host is down

Kernel panic - not syncing: Fatal Exception in Interrupt