Simple Anti-spoofing Name Server, designed to defend against DNS spoofing, suitable for embedded devices and low end boxes.
Latest Change 24/12/2015:
+ add homebrew build script.
sans – A simple anti-spoofing DNS server
Features:
+ Support both UDP and TCP
+ Detect if a domain is polluted
+ Query polluted domains over TCP or SOCKS5
sans file
Note:
+ If SOCKS5 server is not given, polluted domains will be queried over TCP. It’s faster than querying over SOCKS5, but may not work in some networks.
+ Since there is no cache in sans, you may need to set it as an upstream DNS server for Dnsmasq instead of using it directly.
TODO:
– cache
– retry on error
– auto pre-query
– recursive
Installation and usage:
git clone https://github.com/XiaoxiaoPu/sans
autoreconf -if
./configure --prefix=/usr --sysconfdir=/etc
make
sudo make install
cd src
./sans -h (for helper command)
Update:
cd sans folder
git pull
OSX
brew install --HEAD https://github.com/XiaoxiaoPu/sans/raw/master/contrib/homebrew/sans.rb
setup cross compile tool chain:
export PATH="$PATH:/pato/to/cross/compile/toolchain/"
build
autoreconf -if
./configure --host=arm-unknown-linux-gnueabihf \
--prefix=/usr --sysconfdir=/etc
make
Build with MinGW:
autoreconf -if
./configure --host=i686-w64-mingw32
makesample configuration:
user=nobody group=nobody listen=127.0.0.1:5300 socks5=127.0.0.1:1080 test_server=8.8.8.8:53 cn_server=114.114.114.114:53 server=8.8.8.8:53
Source : https://github.com/XiaoxiaoPu