
FakeDNS server setup help...


Hi All,

I was wondering if anyone had a helpful setup guide for a FakeDNS server? I am trying to utilize one for callbacks and malware analysis, and I am kind of new to this field and do not have much experience with the command line in Linux environments. What I would like to do is set up two VMs that talk to each other while running simultaneously. This would allow me to see if the malware is calling out at all. I appreciate all of the assistance and thank all of you in advance.

Under Linux you have this

Under Linux you have this that may fit perfectly for your needs:

http://www.inetsim.org/

REMnux

Take a look at Lenny Zeltser's REMnux (http://sourceforge.net/projects/remnux/files/version2/remnux-public-2.0-live-cd.iso/download), it utilizes inetsim as mentioned above, as opposed to installing and configuring yourself. There is an ISSA Journal article by Russ McRee (http://holisticinfosec.org/toolsmith/pdf/september2010.pdf) as well that is worth reading.

Python Script

Here is a script that I use in my script.

http://code.activestate.com/recipes/491264-mini-fake-dns-server/

You just need to add your fake DNS server's IP on line 33.

There is also http://dnspentest.sourceforge.net/ if you prefer using Java.

D43M0N