
Lying DNS resolver, or fake DNS

Principle

A lying DNS resolver does not return the correct answer; it supplies a result of its own choosing in order to reroute traffic.

This practice raises both technical and political problems, notably:

Several options exist for setting up a lying DNS: from a Python script to configuring DNS servers such as dnsmasq, Unbound or Bind (RPZ).
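As an added example (not code from the original page), here is the "Python script" option reduced to its core decision for an ad-blocking sinkhole: parse the DNS query, and either forge an A record pointing at a no-op address or return None so the query is resolved normally. The blocklist, the 0.0.0.0 address, the TTL and all function names are assumptions made for the illustration.

```python
import struct

# Constructed blocklist (assumption): names answered with the sinkhole address.
BLOCKLIST = {"ads.example", "tracker.example"}
SINKHOLE_IP = bytes([0, 0, 0, 0])  # "noop" address 0.0.0.0 (assumption)

def parse_question(packet):
    """Return (qname, qtype, qclass, end_offset) of the first question."""
    labels, pos = [], 12                      # the DNS header is 12 bytes
    while packet[pos]:                        # a zero-length label ends the name
        length = packet[pos]
        if length > 63:                       # compression pointers are not expected here
            raise ValueError("unexpected label type in question")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    qtype, qclass = struct.unpack("!HH", packet[pos + 1:pos + 5])
    return ".".join(labels), qtype, qclass, pos + 5

def is_blocked(qname):
    """True if qname or any parent domain is in the blocklist."""
    parts = qname.split(".")
    return any(".".join(parts[i:]) in BLOCKLIST for i in range(len(parts)))

def lie_or_forward(query):
    """Return a forged A response for blocked names, or None to resolve normally."""
    try:
        qid, flags, qdcount = struct.unpack("!HHH", query[:6])
        qname, qtype, qclass, end = parse_question(query)
    except (struct.error, IndexError, ValueError):
        return None                           # malformed: do not forge anything
    if flags & 0x8000 or qdcount != 1 or qtype != 1 or qclass != 1:
        return None                           # only single-question A/IN queries
    if not is_blocked(qname):
        return None
    # QR=1, RA=1, client's RD bit copied; one question, one answer.
    header = struct.pack("!HHHHHH", qid, 0x8080 | (flags & 0x0100), 1, 1, 0, 0)
    # Answer: pointer to the name at offset 12, type A, class IN, TTL 60, 4-byte RDATA.
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4) + SINKHOLE_IP
    return header + query[12:end] + answer

def build_query(qid, name):
    """Build a constructed A/IN query with RD set, for the demo."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

if __name__ == "__main__":
    for name in ("cdn.ads.example", "www.example.org"):
        reply = lie_or_forward(build_query(0x1234, name))
        print(name, "->", "sinkholed" if reply else "forwarded upstream")
```

The forged reply carries no DNSSEC signatures, so a validating client that expects a signed zone will reject it; this is one of the technical problems a lying resolver creates.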

Uses

There are plenty of GOOD uses for dnsmasq:

– Block ads: send all known ad domains to a noop ip
– Intranet: serve requests for self-hosted domain names (you don't need to register them) and sub domains of any public or internal domain name
– Caching: great for connections that pay-per-quota in backwards countries like Australia and 3rd world countries where bandwidth is premium
– send some requests of known sites to a proxy (like squid) to potentially filter based on rules (think net nanny for children in your home or school network)
– threat detection: enable honeypot techniques for intrusion detection

And they’re just a few I came up with on the spot. Imagine what a good conversation on the topic might uncover!

References