Posts: 372 | Thanked: 61 times | Joined on Jan 2012
#1
I am really impressed by what comax, torpedo and saturn did for our community by contributing the wonderful application YAMAS.
Previously I knew nothing about MITM attacks and how to run YAMAS. Thanks to torpedo for the videos, which helped me a lot. I am new to the Linux OS and still learning. I learned a few things about yamas and what the dsniff package contains. I am really eager to learn about dnsspoof, whose job is to redirect websites or to prevent hosts from viewing certain websites (as far as I understood). I run an office of my own and for security reasons I want to use the dnsspoof package.
I am familiar with many Linux bosses in this forum like karam, saturn, comax, freemandragon, saturn and many more. I opened a new thread so that people like me could learn and then teach someone else who is a newbie.

Please, can anyone help me run dnsspoof with yamas using dsniff? All I know is that I need to find the IP address of the website with nslookup and edit the dnsspoof.conf file. But where do I put the file? How do I start dnsspoof? Please help me, anyone?
 
Posts: 372 | Thanked: 61 times | Joined on Jan 2012
#2
Can anyone please help me before this thread dies? Please.
 
Posts: 372 | Thanked: 61 times | Joined on Jan 2012
#3
Can anyone please help me with dnsspoof? I tried every possible way. I edited the usr/share/ettercap/etter.dns,
but before that I ran yamas with ettercap so that it ipforwards and runs ettercap, and ran the dnsspoof with the command:
" ettercap -T -q -M arp:remote -P dns_spoof // "
I got "activating dns plugin", but the website does not redirect. I found the IP with the command, for example: nslookup www.google.com.

Can anyone please help me? I am trying my level best. Maybe my editing isn't right, but I can't figure out where I went wrong.
 
Posts: 83 | Thanked: 142 times | Joined on Jun 2011 @ Paris, France
#4
take a look at yamas' source, there is DNS spoofing. It should help you understand.
http://comax.fr/yamas.php
http://pastebin.com/7TGfjJuy

If even with the link you provided, and the search you appear to have done, you still can't figure it out, then maybe you should try and learn the basics before trying this kind of attack.
__________________
http://comax.fr/
"I like to dissect girls. Did you know I am utterly insane ?"
 

Posts: 372 | Thanked: 61 times | Joined on Jan 2012
#5
Originally Posted by comaX View Post
take a look at yamas' source, there is DNS spoofing. It should help you understand.
http://comax.fr/yamas.php
http://pastebin.com/7TGfjJuy

If even with the link you provided, and the search you appear to have done, you still can't figure it out, then maybe you should try and learn the basics before trying this kind of attack.
Sir, thanks for your concern. Obviously I am new to Linux, but I did study to know more. The first link: I know about all these a bit. The 2nd link: I have no idea what is in there. I know how to run yamas with ettercap and arpspoof and how to sniff passwords and website information (as shown in the video by torpedo). I know these things are very easy for you guys, but I really got surprised when I saw that a phone could do all these. I then heard about dnsspoof. All I know is that dnsspoof can redirect hosts to another website and can even block users from visiting particular sites. I need this for my office for security purposes. It's a small institution and that's why I don't want to hire Linux professionals. In this process I will get to learn also. Maybe I couldn't edit the etter.dns file. Maybe I need more help on how to edit that file. This is what I did:

1) Found the IP address of the website with nslookup www.google.com and entered the IP in /usr/share/ettercap/etter.dns (below where it's written microsoft.com); I followed a few YouTube videos.
2) Opened yamas with yamas-e since I don't know how to run ettercap separately. I guess that's okay.
3) Then I typed in another xterm window: ettercap -T -q -M arp:remote -P dns_spoof.
I got "activating dnsspoof plugin". That's it. But the redirecting didn't happen. I think I messed it up in editing the /usr/share/ettercap/etter.dns file.

So a step-by-step guide would be helpful, if there is no problem. Thanks in advance.
 
Posts: 83 | Thanked: 142 times | Joined on Jun 2011 @ Paris, France
#6
ettercap -T -q -P dns_spoof. would be enough in a different xterm.
DNS spoofing - be it with ettercap or DNSspoof - is a very messy thing. You don't want to use that for blocking sites in an office... And with a telephone ?!

I'd help you with DNS spoofing, but it seems it's really not what you're looking for.

Again, there is DNS spoofing in Yamas, so even without the code you should be able to comprehend how it works. I made this script for people to learn and get things easily. Did you run it or just watch the video?
__________________
http://comax.fr/
"I like to dissect girls. Did you know I am utterly insane ?"
 
Posts: 856 | Thanked: 1,681 times | Joined on Apr 2010 @ Aleppo ,Syria
#7
@Mohammed

A few things to clear things up for you:

1- dnsspoof or the ettercap dns spoof plugin cannot redirect a website to another, ex: google.com to talk.maemo.org
It doesn't work like this.

2- It can redirect to a local IP,
ex: talk.maemo.org to 192.168.1.55 (a randomly selected IP address or your IP).
So if you want to block others in your office from accessing a website,
you will need to redirect them to an empty local IP
or to your IP for some needs (like activating an apache2 server and putting up an index.html that says: this site is blocked, or so)

or (the one I love) activate a metasploit browser exploit and redirect them to your local IP and they get hacked.

3- You cannot do any of this if you are using cable (mostly all offices do so).
To ARP spoof someone: you and he MUST be using wireless.

as for the way using them: http://google.com

hope this helps
 
Posts: 83 | Thanked: 142 times | Joined on Jun 2011 @ Paris, France
#8
@Karam I think you're wrong...

1) It can. But the IP must be a website. So for instance, a mutualised-hosted site won't work.
In layman's terms: you can redirect to Google.com, but not to comax.fr...

2) just redirect to 127.0.0.1 to block a website (any IP would do of course as long as there is no server running on port 80...) but this is the way it's mostly done.
About metasploit, yes but I don't think he's here yet...

3) Wut ?! Of course you can do it however you are connected... ARP is independent of the type of packets used. It's *Address Resolution* Protocol so... It resolves addresses whatever the source.
Now, if you are saying this in regard to the use of the cell phone, you might be right since I don't have the phone and don't know how it works when plugged.
If you were talking in general terms, then I suggest you read OSI model to have a better understanding of how the network works : http://en.wikipedia.org/wiki/OSI_model
__________________
http://comax.fr/
"I like to dissect girls. Did you know I am utterly insane ?"
 
Posts: 372 | Thanked: 61 times | Joined on Jan 2012
#9
As I said earlier, sir, I know little about Linux. yamas includes dsniff, and dsniff has many sniffing files like filesnarf, urlsnarf, dnsspoof etc. I know how to use yamas and what each of filesnarf and urlsnarf does. I got really surprised by seeing what yamas could do. I want to do the following: someone will type www.facebook.com and will automatically be redirected to www.google.com, but the name in the address bar will be facebook.com. I saw it in a video on YouTube. Also, is it possible to kill other people who are sharing the wifi to get the full bandwidth? It's possible on Android with the wifikill application. Hope to get support.
 