DOKK / manpages / debian 12 / dsniff / dnsspoof.8.en
DNSSPOOF(8) System Manager's Manual DNSSPOOF(8)

dnsspoof - forge replies to DNS address / pointer queries



dnsspoof [-i interface] [-f
    hostsfile] [expression]










dnsspoof forges replies to arbitrary DNS address / pointer
    queries on the LAN. This is useful in bypassing hostname-based access
    controls, or in implementing a variety of man-in-the-middle attacks.









  

  
Specify the interface to use.

  

  
Specify the pathname of a file in hosts(5) format. Only one hostname
      allowed per line (no aliases), although hostnames may contain wildcards
      (such as *.doubleclick.net).

  

  
Specify a tcpdump(8) filter expression to select traffic to sniff.




If no hostsfile is specified, replies will be forged for
    all address queries on the LAN with an answer of the local machine's IP
    address.









  
/usr/share/dsniff/dnsspoof.hosts

  
Sample hosts file.










dsniff(8), hosts(5)








Dug Song <dugsong@monkey.org>