DNS Hijacker is a libnet/libpcap based DNS sniffer/spoofer. A versatile tool, it supports tcpdump-style filters that allow you to specifically target victims. DNS answers are forged based on entries in a "fabrication table" or by simply forging one answer to all requests. A print-only mode is also supported, allowing one to simply monitor DNS traffic. DNS Hijacker is an excellent tool for blocking and removing advertisements at the network level. The package comes with a default rule file for blocking about 780 known ad servers, as well as instructions on how to incorporate with RRDTool for ad blocking statistics generation.
|Tags||Security Networking Monitoring|
|Operating Systems||POSIX Linux|
Release Notes: A DLT_RAW datalink interface for PPP users has been added. A buffer overflow condition in the convert name routine has been fixed. Future versions will be ported to use Libnet 1.1.0.
Release Notes: Removal of unused signal handling code which caused x-platform issues, switching to dynamic memory allocation for fabrication table, and changing the pcap_open_live timeout which caused problems on FreeBSD.
Release Notes: DNS Hijacker can now be daemonized. A number of spoofed answers count were added. An option to suppress ignored activity output was added. An option to output statistics via rrdtool was added. Miscellaneous code cleanup was done. A great deal of documentation was added, including instructions for statistics output and ad removal.
No changes have been submitted for this release.