c't References

c't References

vim

Cross Compiling

Hacking

Reverse Engineering Tools

Example - Raspberry Pi as network capture device

Enable forwarding and NAT

#!/bin/sh
IPTABLES="/sbin/iptables"
INTDEV="eth0"
EXTDEV="eth1"
$IPTABLES -F
$IPTABLES -F -t nat
$IPTABLES -P INPUT ACCEPT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -P FORWARD ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
$IPTABLES -t nat -A POSTROUTING -j MASQUERADE

Install DHCP server

Use apt-get install isc-dhcp-server and configure /etc/dhcp/dhcpd.confand/etc/default/isc-dhcp-server.conf`.

You have to provide the dns server and the default gateway inside the subnet definition:

subnet 192.168.1.0 255.255.255.0 {
    range 192.168.1.20 192.168.1.30;
    option routers 192.168.1.1;
    option domain-name-servers 8.8.8.8,9.9.9.9;
}

Further details can be found here

Search for DHCP server with NMAP

nmap -sU -p 67 --script=dhcp-discover <target>

unbound

Load archive

# Edit /etc/unbound/unbound.conf: enable include: ...*.conf
cp 01_CacheForwarder.con /etc/unbound/unbound.conf.d/
unbound-checkconf
service unbound restart
dig @localhost ct.de
cp 02_Validate.conf /etc/unbound/unbound.conf.d/
curl -o /etc/unbound/root.hints https://www.internic.net/domain/named.cache
# Enable root-hints: "/etc/unbound/root.hints"
unbound-anchor -v
dig @localhost dnssec.works
# If it works answer is ;;flags: qr rd ra ad;
# Update root.hints:
cp unbound_updates.sh /etc/cron.weekly
chmod 0755 unbound_updates.sh