• Stars
    star
    602
  • Rank 74,409 (Top 2 %)
  • Language
    C
  • Created about 11 years ago
  • Updated almost 9 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A fast DNS server based on C10M principles

robdns: infrastructure DNS server

This is a fast super-slave DNS server, designed to be constantly attacked on the public Internet. The intent is to shield master servers that are hidden behind firewalls. The key feature is a built-in custom TCP/IP stack capable of handling millions of DNS queries-per-second per CPU core.

Currently, this tool is in a prototype stage. It parses records and responds to queries on port 53, but it's missing key features such as dynamic updates.

Building

The only dependency is libpcap-dev (or WinPcap).

Just type make to build the software on Linux, Mac OS X, and Windows (MinGW).

The included XCode4 and VS10 projects should also work on Mac and Windows respectively.

Running

The easiest way to test the server is to run on the comman-line with one or more DNS zone-files, like so:

# robdns example.zone

This will start listening on the any IP address (v4 and v6) on port 53. Zone-files are in the standard format, with a filename ending in .zone, and starting with an SOA record.

To test that it's running, you can use the normal dig command.

$ dig chaos txt version.bind @localhost +short

You should get back the version string of robdns/1.

However, the above example is the slow way of running the software. The intended use is to bypass the kernel's network stack using special drivers like PF_RING. To run in this faster mode, install the drivers and run with a command like the following:

# robdns example.zone dna0 192.168.1.222

In this example, the server will use it's own user-mode TCP/IP stack instead. Currently, this benchmarks to about 1-million packets-per-second for each CPU core.

Feature status

The following RR types have been implemented:

SOA, NS,
A, AAAA, PTR, CNAME,
SSHFP, LOC, TXT, SRV, SPF, HINFO, MX,
DNSKEY, NSEC, NSEC3, NSEC3PARAM, RRSIG, DS, TLSA,
EDNS0,

The following interfaces are supported: sockets, libpcap, PF_RING

Authors

This tool created by Robert Graham: email: [email protected] twitter: @ErrataRob

More Repositories

1

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
C
23,568
star
2

rdpscan

A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.
C
894
star
3

heartleech

Demonstrates the "heartbleed" problem using full OpenSSL stack
C
699
star
4

isowall

This is a mini-firewall that completely isolates a target device from the local network.
C
302
star
5

pemcrack

Cracks SSL PEM files that hold encrypted private keys. Brute forces or dictionary cracks. This code is extraordinarily slow, DON'T JUDGE ME!!!
C
299
star
6

wc2

Investigates optimizing 'wc', the Unix word count program
C
251
star
7

telnetlogger

Simulates enough of a Telnet connection in order to log failed login attempts.
C
237
star
8

hunter-dkim

Discusses how to verify DKIM signatures in old emails, namely one of the Hunter Biden emails in the news
Python
95
star
9

cve-2015-5477

PoC exploit for CVE-2015-5477 BIND9 TKEY assertion failure
C
64
star
10

whats-dec

WhatsApp end-to-end media decryptor
C
63
star
11

wifi-mon

Web-based WiFi monitor
C
60
star
12

hamster

A proxy server for cookie sidejacking. Works with 'ferret'.
55
star
13

cybersymposium

Mike Lindell's cybersymposium files
Rich Text Format
49
star
14

iotpasswds

Recording default/backdoor passwords from IoT devices I come across
38
star
15

ecb-penguin

Demonstrating the famous ECB penguin so that you can repeat the process yourself.
37
star
16

sockdoc

Sample programs demonstrating how to program in C using the Sockets API.
C
35
star
17

packetdump

A packet-sniffer for 10gig networks that writes to compressed files. I created this because
C
27
star
18

non-math-crypto

A non-math, but still technical, guide to cryptography
JavaScript
24
star
19

hellolua

Simple examples of integrating the Lua scripting language into C programs.
C
24
star
20

ferret

A continuation of my 'ferret' project that extracts useful information from networks.
C
23
star
21

dnsparse

Parses DNS responses in a secure, rigorous manner
C
22
star
22

scanme

A lightweight/secure honeypot using Lua scripts.
C
22
star
23

mp4dec

Prototype program to decode a video file looking for exploits/malware.
C
16
star
24

bluetoothid

Identifies Bluetooth Low-energy devices
C
15
star
25

smb-logger

Logs incoming attempts to connect to NetBIOS/SMB
C
14
star
26

echobench

A simple implementation of an 'echo' (port 7) server using epoll (Linux), kqueue (FreeBSD), and IOCompletionPorts (Windows).
C
13
star
27

krackips

C
12
star
28

montyhall-js

The Monty Hall problem, in JavaScript
JavaScript
12
star
29

c10mbench

C
12
star
30

papers

This project is various snippets of code for academic papers.
C
12
star
31

scan-results

Results from some of our scans using masscan.
12
star
32

applevfbi

A collection of all the court filings in the case of Apple being forced to help the FBI unlock the San Bernadino shooter's phone, plus some commentary.
11
star
33

robutils

A bunch of library code that can easily be included in new/prototype projects with few (usually zero) dependencies, even on themselves.
C
10
star
34

blxtract

An extractor that grabs CSV files from BLX files for Mike Lindell's cyber-symposium, from code by Dennis Montgomery.
C
9
star
35

modern-sockets

8
star
36

faq-covid-vaccine

Answers to frequently asked covid vaccine questions.
7
star
37

deprogrammer

Students are indoctrinated in a multitude of outdated and wrong concepts.
5
star
38

microvulns

Prominent open-source vulnerabilities extracted into just a few files so they can be easily built, fuzzed, tested, mediated, and so on.
5
star
39

nxbench

Like Apache Bench for benchmarking websites, but using 10,000 concurrent connections instead of 100
C
5
star
40

pcap-strip

Strips out datalink headers (like Ethernet), leaving behind just the raw IP packets.
5
star
41

regexx

My unfinished regex library for multi-pattern matching.
C
4
star
42

buildharden

https://github.com/robertdavidgraham/buildharden
C
3
star
43

snivel

Automatically exported from code.google.com/p/snivel
C
3
star
44

rednoise-stick

Reproducing the climate change Hockey Stick with simple rednoise/whitenoise generator.
HTML
1
star
45

box-scrape

incomplete project for scraping videos from Box.com
JavaScript
1
star