Skip to content

puxxustc/sans

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
contrib
contrib
 
 
man
man
 
 
src
src
 
 
test
test
 
 
.coverage.sh
.coverage.sh
 
 
.gitignore
.gitignore
 
 
.lint.sh
.lint.sh
 
 
.travis.yml
.travis.yml
 
 
COPYING
COPYING
 
 
Makefile.am
Makefile.am
 
 
README.md
README.md
 
 
configure.ac
configure.ac
 
 

Repository files navigation

sans

Release License Build Status

Simple Anti-spoofing Name Server, designed to defend against DNS spoofing, suitable for embedded devices and low end boxes.

Features

  1. Support both UDP and TCP
  2. Detect if a domain is polluted
  3. Query polluted domains over TCP or SOCKS5 or NONSTANDARD UDP port DNS server

Build

1. Linux

install GNU autotools according to your distribution, then:

autoreconf -if
./configure --prefix=/usr --sysconfdir=/etc
make
sudo make install

2. OS X

install homebrew first, then:

brew install --HEAD https://github.com/XiaoxiaoPu/sans/raw/master/contrib/homebrew/sans.rb

3. Cross compile

setup cross compile tool chain:

export PATH="$PATH:/pato/to/cross/compile/toolchain/"

build:

autoreconf -if
./configure --host=arm-unknown-linux-gnueabihf \
    --prefix=/usr --sysconfdir=/etc
make

4. Build with MinGW

autoreconf -if
./configure --host=i686-w64-mingw32
make

Configuration

key description
user User to set privilege to, default: nobody
listen Listern address and port, default: 127.0.0.1:53
socks5 SOCKS5 server
test_server DNS server for testing if a domain is polluted, default: 8.8.8.8:53
cn_server DNS server for unpolluted domains, default: 114.114.114.114:53
server DNS server for polluted domains, default: 8.8.8.8:53

sample config file:

use SOCKS5 proxy

user=nobody
group=nobody
listen=127.0.0.1:5300
socks5=127.0.0.1:1080
test_server=8.8.8.8:53
cn_server=114.114.114.114:53
server=8.8.8.8:53

use TCP

user=nobody
group=nobody
listen=127.0.0.1:5300
test_server=8.8.8.8:53
cn_server=114.114.114.114:53
server=8.8.8.8:53

use UDP and a NONSTANDARD port DNS server

user=nobody
group=nobody
listen=127.0.0.1:5300
test_server=8.8.8.8:53
cn_server=114.114.114.114:53
server=208.67.222.222:5353

Note

  1. If SOCKS5 server is not given, polluted domains will be queried over TCP. It's faster than querying over SOCKS5, but may not work in some networks. if run sans with -u parameter, polluted domains will be queried over UDP. It's faster than TCP but your must make sure you set a NONSTANDARD port DNS server, like 5353, 1053 etc, must not be 53.

  2. Since there is no cache in sans, you may need to set it as an upstream DNS server for Dnsmasq instead of using it directly.

TODO

  • cache
  • retry on error
  • auto pre-query
  • recursive

License

Copyright (C) 2014 - 2015, Xiaoxiao [email protected]

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

About

A simple anti-spoofing DNS server

Resources

Readme

License

GPL-3.0 license
Activity

Stars

24 stars

Watchers

6 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages