Deployment Overview
The following is a network deployment status diagram for DNS intercept simulations.
The DNS server is configured on the host 172.16.2.51 and redirects the www.baidu.com domain name. Two Android phones use this DNS server: the first queries it directly, and the second reaches it through the hotspot shared by the first.
Copyright notice
Copyright belongs to the author.
Commercial reprint please contact the author for authorization, non-commercial reprint please specify the source.
Author: Coding-naga
Published: April 20, 2016
This article link: http://blog.csdn.net/lemon_tree12138/article/details/51306767
Source: CSDN
Directory
- Deployment Overview
- Copyright notice
- Directory
- Environment List
- LAN Internal DNS Server Setup
- Primary DNS Server Configuration
- Mobile-side configuration
- Test
- External Network DNS Server Setup
Environment List
- Ubuntu 14.04
- CentOS 6.5
- Android 6.0 (Samsung)
- Android (Meizu Flyme OS 3.5.2)
- Bind-9
- Terminal Emulator (APK)
LAN Internal DNS Server Setup
Primary DNS Server Configuration
The DNS server is deployed on the Ubuntu 14.04 host listed above.
(1) Install bind
sudo apt-get install bind9
(2) Configure named.conf.local
sudo vim /etc/bind/named.conf.local
zone "test.com" {
    type master;
    file "/etc/bind/db.test";
};

zone "2.16.172.in-addr.arpa" {
    type master;
    file "/etc/bind/db.172";
};
(3) Configure the forward resolution file db.test
sudo cp /etc/bind/db.local /etc/bind/db.test
sudo vim /etc/bind/db.test
/etc/bind/db.test
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     test.com. root.test.com. (
                        20160427        ; Serial
                        7200            ; Refresh
                        3600            ; Retry
                        43200           ; Expire
                        86400 )         ; Negative Cache TTL
;
@       IN      NS      ns1.test.com.
ns1     IN      A       172.16.2.121
www     IN      A       172.16.2.121
(4) Configure the reverse resolution file db.172
sudo cp /etc/bind/db.local /etc/bind/db.172
sudo vim /etc/bind/db.172
/etc/bind/db.172
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     test.com. root.test.com. (
                        20160427        ; Serial
                        7200            ; Refresh
                        3600            ; Retry
                        43200           ; Expire
                        86400 )         ; Negative Cache TTL
;
@       IN      NS      test.com.
;
121     IN      PTR     www.test.com.
(5) Restart bind
sudo service bind9 restart
The normal restart process is as follows
 * Stopping domain name service... bind9
waiting for pid 9563 to die
 * Starting domain name service... bind9 [ OK ]
Mobile-side configuration
Samsung side
(1) DNS
Open the network settings and change the DNS name server address to 172.16.2.51.
(2) hotspot sharing
Share this phone's network from the network settings. The network name is Net-1.
Meizu side
The Meizu setup is simple: turn on the phone's WiFi and connect to the Net-1 hotspot above.
Test
Samsung side
Meizu side
In the two tests above, both phones can ping the test domain name www.test.com from the terminal emulator, which indicates that the DNS server is working.
DNS configuration for extranet DNS servers
(1) Reconfigure named.conf.local
zone "baidu.com" {
    type master;
    file "/etc/bind/db.baidu";
};

zone "73.102.202.in-addr.arpa" {
    type master;
    file "/etc/bind/db.202";
};
(2) Configure forward resolution
sudo mv /etc/bind/db.test /etc/bind/db.baidu
sudo vim /etc/bind/db.baidu
/etc/bind/db.baidu
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     baidu.com. root.baidu.com. (
                        20160427        ; Serial
                        7200            ; Refresh
                        3600            ; Retry
                        43200           ; Expire
                        86400 )         ; Negative Cache TTL
;
@       IN      NS      ns1.baidu.com.
ns1     IN      A       202.102.73.147
www     IN      A       202.102.73.147
(3) Configure reverse resolution
sudo mv /etc/bind/db.172 /etc/bind/db.202
sudo vim /etc/bind/db.202
/etc/bind/db.202
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     baidu.com. root.baidu.com. (
                        20160427        ; Serial
                        7200            ; Refresh
                        3600            ; Retry
                        43200           ; Expire
                        86400 )         ; Negative Cache TTL
;
@       IN      NS      baidu.com.
;
147     IN      PTR     www.baidu.com.
(4) Restart BIND9
sudo service bind9 restart
The normal startup process is as follows
 * Stopping domain name service... bind9
waiting for pid 9711 to die
 * Starting domain name service... bind9 [ OK ]
Test
Samsung side
(1) Ping
(2) Browser
Meizu side
(1) Ping
(2) Browser
In the tests above the browser's access is denied, but the same happens in a Web browser. Sina's identity can be clearly seen in the rejection message above, which shows that the request was indeed intercepted and redirected.
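Seen from a client, the override built above leaves two traces: the resolver sets the aa (authoritative answer) flag for a zone it should only recurse for, and its A record differs from what an independent resolver returns. The Python check below is an added example, not code from the original article; the dig-style responses are constructed, the addresses are documentation-range placeholders, and parse_dig and audit are hypothetical helper names.

```python
import re

# Constructed dig-style responses (not from the article's lab); placeholder addresses.
LOCAL = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4711
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; ANSWER SECTION:
www.baidu.com.\t604800\tIN\tA\t192.0.2.147

;; AUTHORITY SECTION:
baidu.com.\t604800\tIN\tNS\tns1.baidu.com.
"""
REFERENCE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4712
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
www.baidu.com.\t287\tIN\tA\t198.51.100.10
www.baidu.com.\t287\tIN\tA\t198.51.100.11
"""

def parse_dig(text):
    """Return (header flags, A-record addresses from the ANSWER section)."""
    m = re.search(r"^;; flags:([^;]*);", text, re.M)
    flags = set(m.group(1).split()) if m else set()
    addrs, in_answer = set(), False
    for line in text.splitlines():
        if line.startswith(";;"):          # section banner or header line
            in_answer = "ANSWER SECTION" in line
        elif in_answer and line.strip():
            f = line.split()               # name, TTL, class, type, rdata
            if len(f) >= 5 and f[2] == "IN" and f[3] == "A":
                addrs.add(f[4])
    return flags, addrs

def audit(local, reference):
    """List signs that the local resolver serves its own copy of the zone."""
    lflags, laddrs = parse_dig(local)
    _, raddrs = parse_dig(reference)
    findings = []
    if "aa" in lflags:
        findings.append("resolver answers authoritatively (aa) for a third-party zone")
    if laddrs and raddrs and laddrs.isdisjoint(raddrs):
        findings.append("A records %s share nothing with reference %s" % (sorted(laddrs), sorted(raddrs)))
    return findings

if __name__ == "__main__":
    print("\n".join(audit(LOCAL, REFERENCE)))
```

A differing address on its own can be legitimate, since CDNs return region-specific answers, so the aa flag combined with the mismatch is the stronger signal.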
DNS Intercept simulation and environment construction