[tor-commits] [ooni-probe/master] Add documentation for the DNSSpoof test

art at torproject.org
Thu Dec 6 21:39:59 UTC 2012


commit 6f7e91543e9b11a47efa6ca03a0f2df4fcd438d9
Author: aagbsn <aagbsn at extc.org>
Date:   Thu Dec 6 15:25:46 2012 +0000

    Add documentation for the DNSSpoof test
---
 docs/source/tests/dnsspoof.rst |  111 ++++++++++++++++++++++++++++++++++++++++
 1 files changed, 111 insertions(+), 0 deletions(-)

diff --git a/docs/source/tests/dnsspoof.rst b/docs/source/tests/dnsspoof.rst
new file mode 100644
index 0000000..abb08e4
--- /dev/null
+++ b/docs/source/tests/dnsspoof.rst
@@ -0,0 +1,111 @@
+Details
+=======
+
+*Test Name*: DNS Spoof
+
+*Current version*: 0.1
+
+*NetTest*: DNSSpoof (https://gitweb.torproject.org/ooni-probe.git/blob/HEAD:/nettests/manipulation/dnsspoof.py)
+
+*Test Helper*: DNS Test Helper (https://gitweb.torproject.org/ooni-probe.git/blob/HEAD:/oonib/testhelpers/dns_helpers.py)
+
+*Test Type*: Traffic Manipulation
+
+*Requires Root*: Yes
+
+Description
+===========
+
+This test performs A queries to a test resolver and a known good control resolver. The query is considered tampered with if the two responses match.
+
+How to run the test
+===================
+
+`./bin/ooniprobe nettests/manipulation/dnsspoof.py [-s] [-k] [-i] -r <test resolver> -h <hostname> -b IP:PORT`
+
+*test resolver* is a single test resolver (IP address).
+*hostname* is the hostname to query.
+*IP:PORT* is the address of the known good "control" resolver.
+*-s, --ipsrc* Do *not* check if IP src and ICMP IP citation match
+*-k, --seqack* Check if TCP sequence number and ACK match in the ICMP citation
+*-i, --ipid* Check if the IPID matches when processing answers
+
+
+Sample report
+=============
+
+From running:
+`./bin/ooniprobe nettests/manipulation/dnsspoof.py -h torproject.org -r 4.2.2.2:53`
+
+::
+
+  ###########################################
+  # OONI Probe Report for DNS Spoof test
+  # Thu Dec  6 11:10:38 2012
+  ###########################################
+  ---
+  options:
+    collector: null
+    help: 0
+    logfile: null
+    pcapfile: null
+    reportfile: null
+    resume: 0
+    subargs: [-h, torproject.org, -r, '4.2.2.2:53']
+    test: nettests/manipulation/dnsspoof.py
+  probe_asn: null
+  probe_cc: null
+  probe_ip: 127.0.0.1
+  software_name: ooniprobe
+  software_version: 0.0.7.1-alpha
+  start_time: 1354828238.0
+  test_name: DNS Spoof
+  test_version: 0.10000000000000001
+  ...
+  ---
+  input: null
+  report:
+    answer_flags: [ipsrc]
+    answered_packets:
+    - - raw_packet: !!binary |
+          RQAAfDj1AAA4EZJIBAICAn8AAAEANQA1AGjH/wAAgYAAAQAEAAAAAAp0b3Jwcm9qZWN0A29yZwAA
+          AQABCnRvcnByb2plY3QDb3JnAAABAAEAAADnAAQm5UgQCnRvcnByb2plY3QDb3JnAAABAAEAAADn
+          AARSw0tlCnRvcnByb2plY3QDb3JnAAABAAEAAADnAARWOx4oCnRvcnByb2plY3QDb3JnAAABAAEA
+          AADnAAQm5UgO
+        summary: 'IP / UDP / DNS Ans "38.229.72.16" '
+    sent_packets:
+    - - raw_packet: !!binary |
+          RQAAPAABAABAEfWrfwAAAQQCAgIANQA1AChvjwAAAQAAAQAAAAAAAAp0b3Jwcm9qZWN0A29yZwAA
+          AQAB
+        summary: 'IP / UDP / DNS Qry "torproject.org" '
+  test_name: test_a_lookup
+  test_runtime: 0.23476505279541016
+  test_started: 1354810238.400979
+  ...
+  ---
+  input: null
+  report:
+    answer_flags: [ipsrc]
+    answered_packets:
+    - - raw_packet: !!binary |
+          RQAAfGQmAAAvEWYLCAgICH8AAAEANQA1AGizfwAAgYAAAQAEAAAAAAp0b3Jwcm9qZWN0A29yZwAA
+          AQABCnRvcnByb2plY3QDb3JnAAABAAEAAAOEAAQm5UgQCnRvcnByb2plY3QDb3JnAAABAAEAAAOE
+          AARSw0tlCnRvcnByb2plY3QDb3JnAAABAAEAAAOEAARWOx4oCnRvcnByb2plY3QDb3JnAAABAAEA
+          AAOEAAQm5UgO
+        summary: 'IP / UDP / DNS Ans "38.229.72.16" '
+    sent_packets:
+    - - raw_packet: !!binary |
+          RQAAPAABAABAEeuffwAAAQgICAgANQA1AChlgwAAAQAAAQAAAAAAAAp0b3Jwcm9qZWN0A29yZwAA
+          AQAB
+        summary: 'IP / UDP / DNS Qry "torproject.org" '
+  test_name: test_control_a_lookup
+  test_runtime: 0.23965692520141602
+  test_started: 1354810238.625988
+  ...
+  ---
+  input: null
+  report: {spoofing: false}
+  test_name: summary
+  test_runtime: 0.00017499923706054688
+  test_started: 1354810238.8703561
+  ...
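Review bot: The Description's rule that a query is "considered tampered with if the two responses match" does not say what is compared, and the Sample report seems to contradict it: test_a_lookup and test_control_a_lookup both summarise as DNS Ans "38.229.72.16", yet the summary entry reports spoofing: false. Please state which part of the two responses is compared and why a match indicates spoofing, so a reader can interpret the result. In "How to run the test", the usage line shows -r and -b without brackets and describes the test resolver as an IP address, but the sample command passes -r 4.2.2.2:53 and no -b; either mark -b as optional and document its default, or correct the sample. The lines for test resolver, hostname, IP:PORT, -s, -k and -i have no blank lines between them, so reStructuredText will run them into one paragraph; a bullet or definition list would render as intended. The -s and -k descriptions refer to ICMP citations and TCP sequence numbers, while the sample packets are IP / UDP / DNS, so a sentence on when those flags apply would help. Finally, "Current version" says 0.1 but the sample shows test_version: 0.10000000000000001, which suggests the version is stored as a float; worth noting or fixing at the source.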




