This research was originally performed by researchers from iSec Partners (now NCC Group), and has been migrated to research.nccgroup.com for posterity.
Redirecting traffic with dnsRedir.py
05 Sep 2013 – Tim Newsham
Often while performing network protocol testing, we want to be able to redirect traffic going to a legitimate server to a server of our own. If the program in question is on the local machine and uses standard name resolution, it’s quite simple to edit the /etc/hosts file. However, this is not always the case. In these situations, it’s convenient to have a DNS server that provides an intentionally incorrect answer to DNS lookups. Setting up a DNS server can be a pain, and then there’s the matter of wanting to allow most queries to complete normally without interference.
DnsRedir is a small tool built to address this need. It implements a small DNS server in Python that can answer a select few queries with intentionally false data while proxying all other queries through to a real DNS server. It is implemented to be small and easy to carry around. It should work fine in Windows, Linux and OS X, and its only dependency is that a recent version of Python 2.* be installed.
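One way to confirm that only the intended names are being overridden while everything else passes through unchanged, as an added example that is not part of dnsRedir or the original post: it parses DNS responses from the resolver under test and from a trusted resolver and reports the names whose A records differ. The function names are hypothetical, the code targets Python 3, and the sample responses are constructed with documentation-range addresses.

```python
import struct

def build_response(name, ip, txid=0x1234):
    """Build a minimal DNS response with one A record (constructed sample data only)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    header = struct.pack(">HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    answer = b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 60, 4) + bytes(map(int, ip.split(".")))  # name = pointer to offset 12
    return header + qname + struct.pack(">HH", 1, 1) + answer

def read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels, end = [], None
    for _ in range(128):                      # bounded so a pointer loop cannot hang the parser
        n = msg[off]
        if n & 0xC0 == 0xC0:                  # compression pointer
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
        elif n == 0:                          # root label ends the name
            return ".".join(labels).lower(), (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n
    raise ValueError("name too long or compression loop")

def a_records(msg):
    """Return (question name, set of IPv4 addresses from A records) for one response."""
    _, _, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off, qname = 12, ""
    for _ in range(qd):
        qname, off = read_name(msg, off)
        off += 4                              # skip QTYPE and QCLASS
    ips = set()
    for _ in range(an):
        _, off = read_name(msg, off)
        rtype, rclass, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            ips.add(".".join(map(str, msg[off:off + 4])))
        off += rdlen
    return qname, ips

def overridden(test_msgs, trusted_msgs):
    """Names whose A answers from the resolver under test differ from the trusted resolver."""
    trusted = dict(a_records(m) for m in trusted_msgs)
    return {n: ips for n, ips in map(a_records, test_msgs) if trusted.get(n) != ips}

# Constructed sample responses (not real captures): only www.example.com is answered differently.
TRUSTED = [build_response("www.example.com", "192.0.2.10"), build_response("api.example.com", "192.0.2.20")]
UNDER_TEST = [build_response("www.example.com", "198.51.100.7"), build_response("api.example.com", "192.0.2.20")]
```

With the constructed data, `overridden(UNDER_TEST, TRUSTED)` reports only `www.example.com`; in a real test the two lists would hold raw responses collected from each resolver for the same set of names.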
Getting the tool
See the GitHub repository page for documentation and to download the tool.