I know DNS is typically handled by the operating system, but I'm working under the assumption that DNS has been broken on the target system (this is a tool to diagnose DNS misconfiguration). I therefore need to implement DNS myself, to check the results I get back from the system against a known good DNS server.
You can do this with the NSLookup or Dig tools, specifying a DNS server address manually, but it appears the Windows API calls for doing this (e.g. GetAddressByName) don't allow me to specify a server to query, and use the system's configured target instead.
I tried to look for the RFCs on DNS, but unfortunately they are clear as mud to me -- they make the HTTP spec look like the clearest and most well written spec ever produced.
I also don't want to reinvent something that someone else has already done several times before.
You might try: http://25thandclement.com/~william/projects/dns.c.html . Also, see Need To Build Simple DNS Resolver in C
Actually, a Google search of "DNS resolver C" reveals several possibilities.
Try the c-ares library, which as I understand it does implement its own DNS stack. I've used it successfully on linux, and they say that it supports Windows, though I haven't tried it myself. It isn't C++, just plain C, but you can easily enough write a C++ wrapper for it.
It gets bonus points for being asynchronous, and providing hooks by which you can integrate it with an existing event loop.
I know that the question is old, but I haven't found good answer for me here.
I have found poslib as the best dns library with very easy interface.
http://www.vantage-points.org/libvdns.html
http://directory.fsf.org/project/FireDNS/
Did never use this, but maybe that helps you?
I'd suggest libunbound which (together with ldns) is a standalone library included with the Unbound recursive resolver.
It has DNSSEC validation support too, which will become useful as DNSSEC continues to get deployed.
See http://unbound.net/
djbdns contains a DNS client library which you could use:
http://cr.yp.to/djbdns/dns.html
This is independent of the system DNS resolver libraries and will generate the right UDP packets. If you really wanted to get clever, you could combine it with dnscache, or look at the dnstrace utility to resolve names from root servers and see what is really going on.
You'd need to make it work on Windows, of course. Shouldn't be that hard.
Related
I would like to ask if there is a way to read DHCP option in Qt or c++ (Qt would be better) on linux. I have my own cups backend and would like to read option 9 - LPR Servers (all of the listed IP addresses) and use it as device uri.
So I want to know how to get specific (or all) option(s) informations from the DHCP lease.
I've looked to Qt's documentation but wasn't able to find anything useful and couldn't find any c++ libraries for linux.
I had exactly the same problem. I have found a library called Libcrafter which has a lot of features including DHCP support. There is a good example of DHCP usage in their examples. It is example #8.
This requirement is quite specific. I don't know there's such individual library for mere DHCP options.
So my suggestion is that, down one DHCP implementation(http://en.wikipedia.org/wiki/Comparison_of_DHCP_server_software), study how it handles the options.
Take dnsmasq_2.72 as an example, in file src/dhcp-common.c, there's function lookup_dhcp_opt().
I need to capture network traffic that is going in/out of a particular application. The main issue is that I would like to do this in a blocking fashion -- i.e. capture the traffic, perform some analysis and encryption/decryption on it and then forward it along its regular route. So, it must use some sort of a blocking mechanism.
Is there some code or a library that makes this easy to do on Windows (Server 2008 or Win7 will do)? Any C++ (or Python/Java) classes or libraries that already exist?
I intend for the solution to also execute on the same machine as the target app and have administrative privileges.
Any pointers to code samples would be greatly appreciated.
Thanks for your help.
p.s.: I have been looking at WinPcap but from my (limited) understanding, it can't filter/block based on specific applications. Is that right, or did I miss something? Any other solutions out there?
For this you should look at WinDivert. Unlike regular packet sniffers (like winpcap), WinDivert also has the ability to block/filter packets, so it might be what you are looking for. Disclosure: WinDivert is my own project.
I am aware that we can make templates of domains in weblogic very easily using config_builder script. Is there a similar thing in websphere?
I know nothing about WebLogic, but fix pack 9 for WebSphere added something you may find useful. The wsadmin command AdminTask.extractConfigProperties with GenerateTemplates and PortablePropertiesFile options set to true will generate a portable, editable file transferable to another cell. AdminTask.applyConfigProperties is used to read your edited output and apply the properties to a new cell, server, etc. I haven't tried this yet outside of a controlled sandbox environment; so, I'm not sure what pitfalls may await you. But if you have a ton of servers to build, it may be worth your time to do some experimentation.
Here's the IBM doc on the topic.
As far as i know i don't think there is such a capability.
You can use the default product shipped profiles to start with and create the servers and configure them the way you want.
These servers can then be used as a template to build other servers.
I am not sure if this helps you but i thought i would point this out.
Manglu
I have a windows C++ application (mingw, but I guess it doesn't matter). I need to do very occasional obscure types of DNS lookups, such as TXT and AXFR.
The best I can do at the moment is using gethostbyname in winsock, but that doesn't support the above types :(. Does anyone know of a nice library that runs on win32 for DNS lookups?
thanks
thn
I recommend using libunbound which is included in the source distribution of the Unbound recursive DNS server.
It's a full-feature recursive resolver bundled in a library. Alternatively the same group has a generic DNS library with a stub resolver called ldns.
p.s. are you sure mingw doesn't support the UNIX standard libresolv? Check for a function called res_query.
Basically my question is the exact same one as this:
Simple client/server, TCP/IP encrypting the message stream, SSL
The difference is that I need this for pure C++, not .NET. I cannot use 3rd party libraries, so unless it's a Windows system component (like the above) I need something with source so I can get the generel idea and build it myself.
Thanks :)
Quoting the other question for reference:
"Writing a little TCP/IP client server
app. Basically it creates a server,
and then you can create several
different clients and set up a bit of
a chat session. What I am wondering is
there is any way to incorporate, using
standard .net libraries some form of
encryption?
m_mainSocket = new
Socket(AddressFamily.InterNetwork,
SocketType.Stream, ProtocolType.Tcp);
Is there any way of speficying tcp
using rsa?
Or would you (me that is) have to
write some custom libaries to do key
exchange and then encrypt the
subsequent chat messages? I have done
that before for uni but that was in
java but I know it would'nt be hard to
convert them. Just trying not to have
to reinvent the wheel...
Or what about utilising a ssl?
Thanks, Ron."
Have you considered using the ASIO library? think-async dot com/Asio/
There is an example specifically for an SSL based client/server. http://think-async.com/Asio/asio-1.4.1/doc/asio/examples.html#asio.examples.ssl
Its as "pure c++" as you can get.
You can always look at OpenSSL which is open source, but that would be like implement SSL yourself. I would suggest wrapping OpenSSL and use it. Or use the SSL tunnel application available in OpenSSL.
Writing your own encryption code is "not recommended". It's easy enough to make a simple mistake when using one of these libraries, let alone when you try to write one yourself.
What you really want to use is OpenSSL with Boost.ASIO on top of it. If you can't do that then your next best alternative is to use the Internet Explorer COM object. This isn't quite as flexible, but might work out fine depending on what your exact needs are. You can also explore the Win32 API. Last I looked there weren't enough crypto APIs widely available to do this. The final way of dealing with this is to wrap the .NET APIs so that you can make use of them from native C++.
Only if none of that works out for you should you even consider writing this yourself. You will make mistakes and your application will be less secure as a result. So, before you start trying to write your own crypto code you could also try to look at tunnelling SOCKS over SSH and use somebody else's SSH implementation. The next thing I would look at is to buy in the code rather than write it yourself. The code won't be as good as open source offerings as it will be less used so will have more security problems, but it will still be better than anything you would write on your first outing doing this.
Only if you've exhausted all of these options should you think about writing this yourself. Once you think about it you should try all of the other options again to make sure that you didn't miss getting one of them to work for you the first time around.
If you do still write your own implementation then throw it away and use one of the other options before putting it into production use as there will be mistakes that compromise the security to the extent where you probably may as well not have bothered.
Sorry to sound down on all of this, but getting these things right is really hard and not something you can do by just taking a quick look at somebody else's implementation.