Maybe this was discussed before, or more probably I'm overlooking something incredibly obvious. But is it possible to hijack any LAN DNS request by spoofing the UDP response?
The attack would be like:

1) Computer A sends a UDP packet to the LAN gateway containing a DNS lookup for google.com
2) Computer B is listening on the network and intercepts the DNS lookup
3) Computer B immediately spoofs a DNS response, using a forged response header to make it look like it came from the gateway, saying that google.com resolves to its IP address
4) Computer A receives the spoofed DNS response (faster than the gateway can reply) and thus sends all google.com HTTP requests to computer B
5) Computer B runs a proxy server that silently intercepts all HTTP requests and passes them through to the real Google, setting up a classic man-in-the-middle attack

Why wouldn't this work? And is there any real protection against this?

-david
_______________________________________________
p2p-hackers mailing list
p2p-hackers@lists.zooko.com
http://lists.zooko.com/mailman/listinfo/p2p-hackers
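
Added example, not part of the original post: one way a defender could spot the race described in steps 3 and 4, by flagging a query that receives two responses with the same transaction ID but different answers. The record layout, the names DnsResponse and find_conflicts, and all addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple

class DnsResponse(NamedTuple):
    ts: float            # capture time, seconds
    client: str          # host that sent the query (Computer A)
    src_ip: str          # source IP the response claims
    src_mac: str         # Ethernet source address of the frame
    txid: int            # DNS transaction ID
    qname: str
    answers: frozenset   # A records in the answer section

def find_conflicts(responses, window=2.0):
    """Flag queries that received two responses with different answers.

    In the race from the post, Computer A gets the forged reply first and
    the gateway's genuine reply moments later, same transaction ID and name.
    """
    by_query = defaultdict(list)
    for r in sorted(responses, key=lambda r: r.ts):
        key = (r.client, r.src_ip, r.txid, r.qname.lower().rstrip("."))
        by_query[key].append(r)
    alerts = []
    for (client, _src, txid, qname), group in by_query.items():
        for prev, later in zip(group, group[1:]):
            # Beyond the window it is transaction ID reuse, not a race.
            if later.ts - prev.ts <= window and later.answers != prev.answers:
                alerts.append({
                    "client": client, "qname": qname, "txid": txid,
                    "first": sorted(prev.answers),
                    "later": sorted(later.answers),
                    "mac_differs": later.src_mac != prev.src_mac,
                })
                break
    return alerts

# Constructed capture: documentation IP ranges and made-up MAC addresses.
A, GW = "192.0.2.10", "192.0.2.1"
SAMPLE = [
    DnsResponse(10.000, A, GW, "02:00:00:00:00:0b", 0x1A2B, "google.com", frozenset({"192.0.2.66"})),
    DnsResponse(10.020, A, GW, "02:00:00:00:00:01", 0x1A2B, "google.com.", frozenset({"203.0.113.5"})),
    DnsResponse(11.000, A, GW, "02:00:00:00:00:01", 0x2222, "example.org", frozenset({"198.51.100.7"})),
    DnsResponse(11.300, A, GW, "02:00:00:00:00:01", 0x2222, "example.org", frozenset({"198.51.100.7"})),
]

if __name__ == "__main__":
    for alert in find_conflicts(SAMPLE):
        print(alert)
```

A hit is a signal to investigate, not proof: a resolver answering a retransmitted query can legitimately return a different record set. The mac_differs field is only a hint, since the Ethernet source address can be forged as well.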