On Wed, 2016-06-22 at 01:06 +0000, Jun Xiang X Tee wrote:
> I am working on hacking UDP packets returned to "dig" client. I
> wish to include some extra information about the "digged" domain
> (e.g., facebook.com) at Additional Section of "dig" reply in TXT
> format. The ideal result is to be able to see the hacked UDP packets
> having the extra information using tools such as Wireshark.

You can't change what the authoritative servers for the facebook.com domain return. You could hack a server in between your dig client and Facebook, though - dig requests info from your server, your server requests info from Facebook, your server modifies the response from Facebook, your server returns the modified response to dig (or whatever made the query).

You would need to either return the new information in a form compatible with what dig expects, or you would have to hack dig as well. If you did that, ordinary clients might no longer be able to use the server.

> I am still confused on where "dig" gets the UDP packets from.

dig makes its own outbound UDP packets (and TCP packets don't forget!). Inbound packets come from whatever server is responding to dig's request.

> Below are my questions:
> (1) Does "dig" get its UDP packets from "named" server? Or "lwresd"
> server? Or others?

From whatever server its request went to. You could find out by watching the traffic with e.g. Wireshark. If you specify the server to dig with @server, then that is the server sending response packets to dig.

> (2) For hacking purpose, I should work on BIND9 source codes. I
> don't need to install BIND9 using "apt-get install", right?

If you are building and installing from source, right.

> (3) Lastly, the most important question: How should I configure DNS
> server for "dig"?

You don't need to unless you are modifying the protocol. The server will not know it is "dig" querying it; as far as the server is concerned it's just receiving and responding to queries from clients.

> I think what I should do is "./dig @chosen_DNS_server
> google.com", but I do not know how to configure the server.

Not sure what you mean by "configure the server". What DO you mean by "configure the server"?

Regards, K.
--
Karl Auer (ka...@biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: E00D 64ED 9C6A 8605 21E0 0ED0 EE64 2BEE CBCB C38B
Old fingerprint: 3C41 82BE A9E7 99A1 B931 5AE7 7638 0147 2C3C 2AC4
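
The thread above is about a server in the middle placing a TXT record in the Additional section of a reply. As an added example (not code from the thread or from BIND), this Python sketch parses a DNS response the way a capture tool would and lists any TXT records found in the Additional section, which is how such a modified reply can be recognised. The function names and the sample message are constructed for illustration.

```python
import struct

def read_name(msg, off):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:              # compression pointer
            end = off + 2 if end is None else end
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:                      # guard against pointer loops
                raise ValueError("compression loop")
        elif length == 0:
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
            off += 1 + length

def parse_sections(msg):
    """Return {section: [(owner, rtype, rdata)]} for the three RR sections."""
    _id, _flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):                        # skip the question section
        off = read_name(msg, off)[1] + 4       # name + QTYPE + QCLASS
    out = {"answer": [], "authority": [], "additional": []}
    for section, count in zip(out, (an, ns, ar)):
        for _ in range(count):
            owner, off = read_name(msg, off)
            rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            out[section].append((owner, rtype, msg[off + 10:off + 10 + rdlen]))
            off += 10 + rdlen
    return out

def additional_txt(msg):
    """List (owner, text) for TXT (type 16) records in the additional section."""
    return [(o, rd[1:1 + rd[0]].decode("ascii", "replace"))  # first string only
            for o, t, rd in parse_sections(msg)["additional"] if t == 16]

def build_sample():
    """Constructed response: example.com A 192.0.2.1 plus one additional TXT."""
    question = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    ptr, txt = b"\xc0\x0c", b"note=constructed"    # ptr -> name at offset 12
    a_rr = ptr + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])
    txt_rr = ptr + struct.pack("!HHIH", 16, 1, 60, len(txt) + 1) + bytes([len(txt)]) + txt
    return struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 1) + question + a_rr + txt_rr

if __name__ == "__main__":
    print(additional_txt(build_sample()))
```

Feeding it the UDP payload of a reply captured with Wireshark gives the same per-section view that the dig output shows.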