当前位置:网站首页>Routeros limited DNS hijacking and check
Routeros limited DNS hijacking and check
2022-07-28 23:20:00 【51CTO】
scene :
The intranet is built inside dns, The development will have some internal domain names to resolve, generally inner*.domain.com, The requirement is first analyzed on the intranet , There is no normal parsing of the external network .
Design description :
Because the domain names that need this function are limited , The principle of minimum impact is only applicable to *.domain.com Conduct dns hijacked ;
To configure :
step1:layer7 dns Identify the configuration
You can use regular matching to match more domain names such as .domain.com|.domain2.com
step2: Turn on routeros Of dns function
Intranet dns server= 192.168.23.56
step3: add to dns hijacked , take step1 The identified request is forwarded to routeros Of 53 On port
Conditions layer7=inner_dns&&udp&&dstPort=53&¬ innerdns
Just put it simply .......
Add a beautiful thing to a contrasting beautiful thing :
Check Intranet dns, If it cannot be resolved, close the hijacking , Once recovered, start hijacking , Intranet required dns There is one that won't fail A Record
step1:script Script -- according to dns Whether it can be parsed for opening and closing
cDomain domain name
cDomainOk Correct parsing record
dnsServer Intranet dns Server address
It's not good-looking. Have a neat :
step2: Add timing task 1 Check every minute
on-event Just fill in script Of name
end:
Rough 、 The details have not been worked out
边栏推荐
- Summary of koltin knowledge points
- Applet, JS, transfer object jump transfer parameter problem
- Recurrent neural network (RNN)
- 【滤波跟踪】基于EKF、时差和频差定位实现目标跟踪附matlab代码
- Will Qualcomm and MediaTek chips soon be sold, and will they surpass Huawei to become the first in China?
- Summary of core functions of software testing tool Fiddler postman JMeter charlse
- The applet vant webapp component is missing, and the referenced component reports an error
- 定了!哪吒S全系产品将于7月31日上市发售
- Vant web app installation reference
- Pgbench benchmark PostgreSQL
猜你喜欢
Assembly analysis swift polymorphism principle
PCA learning
WebView optimization
18 diagrams, intuitive understanding of neural networks, manifolds and topologies
![[filter tracking] target tracking based on EKF, TDOA and frequency difference positioning with matlab code](/img/e5/878bf5908856c80d6e07b03ba59da5.png)
[filter tracking] target tracking based on EKF, TDOA and frequency difference positioning with matlab code
【物理应用】水下浮动风力涡轮机的尾流诱导动态模拟风场附matlab代码
Advanced C language: pointer (3)
Istio微服务治理网格的全方面可视化监控(微服务架构展示、资源监控、流量监控、链路监控)
There are four ways for Nacos to configure hot updates and multiple ways to read project configuration files, @value, @refreshscope, @nacosconfigurationproperties
Shell script foundation - shell operation principle + variable and array definitions
随机推荐
Target detection notes -yolo
Several common methods of SQL optimization
frontiers出版社投稿记录(附状态变化)
CGLIb 创建代理
解决serviceaccount用户认证挂载密文token文件失败导致pod使用anonymous用户问题
WebView optimization
VR全景创业如何开拓市场?如何让创业之路更加顺畅?
Retrofit Usage Summary
安全狗入选《云安全全景图2.0》多个细项
Nacos配置热更新的4种方式、读取项目配置文件的多种方式,@value,@RefreshScope,@NacosConfigurationProperties
解决控制文件全部损坏的异常
弹框遮罩层「建议收藏」
希捷发布全新RISC-V架构处理器:机械硬盘相关性能暴涨3倍
In 2020, the top ten domestic IC design enterprises will be exposed! These five industrial challenges still need to be overcome!
Cglib create proxy
(important) first knowledge of C language -- function
GCD summary
Summary of core functions of software testing tool Fiddler postman JMeter charlse
[C language] implementation of three piece chess games
Win11快捷复制粘贴不能用怎么办?Win11快捷复制粘贴不能用