[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [ooni-probe/master] Add documentation for the DNSSpoof test

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [ooni-probe/master] Add documentation for the DNSSpoof test
From: art@xxxxxxxxxxxxxx
Date: Thu, 6 Dec 2012 21:39:59 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 06 Dec 2012 16:40:44 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-commits>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: aagbsn <aagbsn@xxxxxxxx>
Sender: tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx

commit 6f7e91543e9b11a47efa6ca03a0f2df4fcd438d9
Author: aagbsn <aagbsn@xxxxxxxx>
Date:   Thu Dec 6 15:25:46 2012 +0000

    Add documentation for the DNSSpoof test
---
 docs/source/tests/dnsspoof.rst |  111 ++++++++++++++++++++++++++++++++++++++++
 1 files changed, 111 insertions(+), 0 deletions(-)

diff --git a/docs/source/tests/dnsspoof.rst b/docs/source/tests/dnsspoof.rst
new file mode 100644
index 0000000..abb08e4
--- /dev/null
+++ b/docs/source/tests/dnsspoof.rst
@@ -0,0 +1,111 @@
+Details
+=======
+
+*Test Name*: DNS Spoof
+
+*Current version*: 0.1
+
+*NetTest*: DNSSpoof (https://gitweb.torproject.org/ooni-probe.git/blob/HEAD:/nettests/manipulation/dnsspoof.py)
+
+*Test Helper*: DNS Test Helper (https://gitweb.torproject.org/ooni-probe.git/blob/HEAD:/oonib/testhelpers/dns_helpers.py)
+
+*Test Type*: Traffic Manipulation
+
+*Requires Root*: Yes
+
+Description
+===========
+
+This test performs A queries to a test resolver and a known good control resolver. The query is considered tampered with if the two responses match.
+
+How to run the test
+===================
+
+`./bin/ooniprobe nettests/manipulation/dnsspoof.py [-s] [-k] [-i] -r <test resolver> -h <hostname> -b IP:PORT`
+
+*test resolver* is a single test resolver (IP address).
+*hostname* is the hostname to query.
+*IP:PORT* is the address of the known good "control" resolver.
+*-s, --ipsrc* Do *not* check if IP src and ICMP IP citation match
+*-k, --seqack* Check if TCP sequence number and ACK match in the ICMP citation
+*-i, --ipid* Check if the IPID matches when processing answers
+
+
+Sample report
+=============
+
+From running:
+`./bin/ooniprobe nettests/manipulation/dnsspoof.py -h torproject.org -r 4.2.2.2:53`
+
+::
+
+  ###########################################
+  # OONI Probe Report for DNS Spoof test
+  # Thu Dec  6 11:10:38 2012
+  ###########################################
+  ---
+  options:
+    collector: null
+    help: 0
+    logfile: null
+    pcapfile: null
+    reportfile: null
+    resume: 0
+    subargs: [-h, torproject.org, -r, '4.2.2.2:53']
+    test: nettests/manipulation/dnsspoof.py
+  probe_asn: null
+  probe_cc: null
+  probe_ip: 127.0.0.1
+  software_name: ooniprobe
+  software_version: 0.0.7.1-alpha
+  start_time: 1354828238.0
+  test_name: DNS Spoof
+  test_version: 0.10000000000000001
+  ...
+  ---
+  input: null
+  report:
+    answer_flags: [ipsrc]
+    answered_packets:
+    - - raw_packet: !!binary |
+          RQAAfDj1AAA4EZJIBAICAn8AAAEANQA1AGjH/wAAgYAAAQAEAAAAAAp0b3Jwcm9qZWN0A29yZwAA
+          AQABCnRvcnByb2plY3QDb3JnAAABAAEAAADnAAQm5UgQCnRvcnByb2plY3QDb3JnAAABAAEAAADn
+          AARSw0tlCnRvcnByb2plY3QDb3JnAAABAAEAAADnAARWOx4oCnRvcnByb2plY3QDb3JnAAABAAEA
+          AADnAAQm5UgO
+        summary: 'IP / UDP / DNS Ans "38.229.72.16" '
+    sent_packets:
+    - - raw_packet: !!binary |
+          RQAAPAABAABAEfWrfwAAAQQCAgIANQA1AChvjwAAAQAAAQAAAAAAAAp0b3Jwcm9qZWN0A29yZwAA
+          AQAB
+        summary: 'IP / UDP / DNS Qry "torproject.org" '
+  test_name: test_a_lookup
+  test_runtime: 0.23476505279541016
+  test_started: 1354810238.400979
+  ...
+  ---
+  input: null
+  report:
+    answer_flags: [ipsrc]
+    answered_packets:
+    - - raw_packet: !!binary |
+          RQAAfGQmAAAvEWYLCAgICH8AAAEANQA1AGizfwAAgYAAAQAEAAAAAAp0b3Jwcm9qZWN0A29yZwAA
+          AQABCnRvcnByb2plY3QDb3JnAAABAAEAAAOEAAQm5UgQCnRvcnByb2plY3QDb3JnAAABAAEAAAOE
+          AARSw0tlCnRvcnByb2plY3QDb3JnAAABAAEAAAOEAARWOx4oCnRvcnByb2plY3QDb3JnAAABAAEA
+          AAOEAAQm5UgO
+        summary: 'IP / UDP / DNS Ans "38.229.72.16" '
+    sent_packets:
+    - - raw_packet: !!binary |
+          RQAAPAABAABAEeuffwAAAQgICAgANQA1AChlgwAAAQAAAQAAAAAAAAp0b3Jwcm9qZWN0A29yZwAA
+          AQAB
+        summary: 'IP / UDP / DNS Qry "torproject.org" '
+  test_name: test_control_a_lookup
+  test_runtime: 0.23965692520141602
+  test_started: 1354810238.625988
+  ...
+  ---
+  input: null
+  report: {spoofing: false}
+  test_name: summary
+  test_runtime: 0.00017499923706054688
+  test_started: 1354810238.8703561
+  ...



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [ooni-probe/master] Add documentation for HTTPHeaderFieldManipulation
Next by Author: [tor-commits] [ooni-probe/master] Merge pull request #17 from aagbsn/update_readme_with_https_urls
Previous by thread: [tor-commits] [ooni-probe/master] Add documentation for HTTPHeaderFieldManipulation
Next by thread: [tor-commits] [ooni-probe/master] Merge pull request #17 from aagbsn/update_readme_with_https_urls
Index(es):
- Author
- Thread