DNS spoofing


DNS is not multicast or broadcast like LLMNR, NBT-NS or mDNS. In order to answer DNS requests, attacker first need to receive them. For instance, this can be achieved with ARP spoofing or DHCPv6 spoofing. DNS spoofing is basically setting up a DNS server and answering DNS queries obtained through man-in-the-middle technique.


Responder's (Python) DNS server feature can be used to answer DNS queries.

responder --interface "eth0"
responder -I "eth0"


Last updated