Because, why not?
I want my network to ask my main box about DNS first, then fall back to the default. While writing this I discovered it will have awesome implications for virtualization an it is even rewarding when seeking vulnerabilities on all systems attached to your access point! So I’m including some fun around that here. Let’s do it.
After a bit of searching I found this promising looking, free, open-source DHCP and DNS server: http://sourceforge.net/projects/dhcp-dns-server/files/Dual DHCP DNS Server/ (I’m definitely checking out the source later, it’s in c++!). I’ve played with this bad-boy for about 30 mins and it’s a lot of fun, super simple to set up, and will be helpful for a variety of network screwing-around in the future.
After the install (I made mine a windows service, but feel free to do it your own way), we need to make some tweaks to an ini file that will control our server. I’ll let you set up your own routers to give your machine a static internal IP- to get Windows to follow suit just change the properties of your network adapter like so:
This tells our ethernet connection to check with my machine for DNS requests, and solidifies our machine’s address on the local network at .147.
Before starting the service, I’ll make a few small changes in the DualServer.ini config file to add my now static internal IP under the [LISTEN_ON] section
And create a fake dns entry that routes back to my machine:
Yea okay, so how is that any different than a hosts file? Well, I can now tell my entire network to route their DNS through me, and establish myself as the all knowing. Furthermore, I can learn a lot about what’s going on within my network if I disable DHCP entirely on my router and wireshark it to grab useful information on every device within my network. Kinda cool.
It was after I disabled the DHCP function on my router and enabled it on my main box that things started to get interesting. Suddenly an ocean of data that I shouldn’t have been receiving was being routed to me. I haven’t done enough research into why this happened, or if it should have, but once I saw this I was gleeful to say the least. Not only my wired devices were affected, but both of the cell phones that were connected to my WiFi started spazzing out as well.
The icing on the cake, was the behavior I was actually looking for- My VM started ignoring my home router and barreling my PC with data. Was my machine under attack by my network, or had I just stumbled onto something interesting?
I almost immediately started looking for a way to harness this- and found that there’s a “Windows Server” feature called “Routing and Remote Access”. I read in more than one place that this isn’t possible under Windows 7, but then I stumbled acrosss A lot of people who said it was. Just one way to find out?
As it turns out, if you’re running Windows 7 Ultimate (as I am) you can actually turn your machine into a router by tweaking some registry values. More on this interesting development in my next post! Try not to break the internets.