ABOUT ME (HTTPS://BLOG.HECKEL.

XYZ/ABOUT/)

PAPERS (HTTPS://BLOG.HECKEL.XYZ/PAPERS/)
PROJECTS (HTTPS://BLOG.HECKEL.XYZ/PROJECTS/)

My nameMAP
TRAVEL is Philipp C. Heckel and I write about nerdy things.
(HTTPS://BLOG.HECKEL.XYZ/TRAVEL-MAP/)
This site moved here recently from blog.philippheckel.com!
Stay connected

HOW TO: DNS SPOOFING WITH A SIMPLE DNS SERVER SEARCH

USING DNSMASQ
(http://blog.heckel.xyz/)
Jul 18 / 2013
10 (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-a-simple-dns-server-using-

dnsmasq/#comments)
DNS (https://blog.heckel.xyz/tag/dns/), Dnsmasq (https://blog.heckel.xyz/tag/dnsmasq/), Security
(https://blog.heckel.xyz/tag/security/)

ADMINISTRATION
(HTTPS://BLOG.HECKEL.XYZ/CATEGORY/ADMINISTRATION/), LINUX
(HTTPS://BLOG.HECKEL.XYZ/CATEGORY/LINUX/), SECURITY
(HTTPS://BLOG.HECKEL.XYZ/CATEGORY/SECURITY/)

How To: DNS spoo耂ng with a

simple DNS server using
Dnsmasq
(https://blog.heckel.xyz/2013/07/18/how-
to-dns-spoo耂ng-with-a-
simple-dns-server-using-
dnsmasq/)
The Domain Name System (http://en.wikipedia.org/wiki/Domain_Name_System) (DNS) is one of the
fundamental services of the Internet. By resolving domain names to IP addresses, it makes routing of
IP packets possible and thereby lets browsers and other clients connect to remote servers using all
kinds of protocols. By blindly connecting to the IP address returned by the DNS server, however, users
put a lot of trust into DNS, because by default, DNS responses are not validated or veri耂ed.

In this blog post, I’d like to demonstrate how to easily set up a DNS server that allows you to easily
forge certain entries manually — thereby allowing you to either block certain domains from your
network or to pretend that you are a certain website. This scenario is commonly referred to as DNS
forgery or DNS spoo耂ng (https://en.wikipedia.org/wiki/DNS_spoo耂ng).

Contents
1. Why forge DNS entries? (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-a-simple-
dns-server-using-dnsmasq/#Why-forge-DNS-entries)
2. Forge DNS entries with Dnsmasq (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-
a-simple-dns-server-using-dnsmasq/#Forge-DNS-entries-with-Dnsmasq)
2.1. Download and install Dnsmasq (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-
with-a-simple-dns-server-using-dnsmasq/#Download-and-install-Dnsmasq)
2.2. Con耂gure Dnsmasq (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-a-
simple-dns-server-using-dnsmasq/#Con耂gure-Dnsmasq)
2.3. Add forged DNS entries (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-a-
simple-dns-server-using-dnsmasq/#Add-forged-DNS-entries)
2.4. Test and run server (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-a-
simple-dns-server-using-dnsmasq/#Test-and-run-server)
2.5. Change router/client DNS server (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-
with-a-simple-dns-server-using-dnsmasq/#Change-router-client-DNS-server)
3. Possible usages (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-a-simple-dns-
server-using-dnsmasq/#Possible-usages)
3.1. Phishing/malicious websites (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-
a-simple-dns-server-using-dnsmasq/#Phishing-malicious-websites)
3.2. Blocking content / Internet censorship (https://blog.heckel.xyz/2013/07/18/how-to-dns-
spoo耂ng-with-a-simple-dns-server-using-dnsmasq/#Blocking-content-Internet-censorship)
3.3. Man-in-the-middle attacks (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-
a-simple-dns-server-using-dnsmasq/#Man-in-the-middle-attacks)

1. Why forge DNS entries?

DNS is responsible for managing the Internet’s namespace of domains by translating domain names
into IP addresses. Even though it sounds like a very simple task, this translation carries a great
responsibility because it is an essential step to make communication between most machines even
possible. Before a machine can connect to another machine and start the actual communication, a DNS
request must resolve the name of the destination machine. In short, before you can connect to
“example.com”, you 耂rst need to know its IP address.

And because machines blindly connect to the IP address returned by the DNS server, being able to
forge speci耂c (or all) of its entries means that the client connects to a di耂erent server – i.e. the
connection is rerouted to a destination of your choice.

There are multiple reasons for wanting to reroute tra耂c. The two most prominent ones are to block
access to a site or service, or to eavesdrop the connection using a man-in-the-middle attack
(https://en.wikipedia.org/wiki/Man-in-the-middle_attack) (MITM).

Blocking sites: Especially in the last couple of years, many governments all over the world have
used DNS forgery/spoo耂ng to block access to various kind of Internet content (e.g. social
networks, political/religious content, pornography, piracy sites, etc.). And although blocking on
DNS-level is pointless (using a di耂erent DNS server circumvents the blockage), it’s very easy to
implement (as shown in this post) and is hence often used.
Eavesdropping the connection (MITM): Rerouting all IP packets to a certain machine makes it
possible to eavesdrop on the connection by listening local network interface. Using tools like
Wireshark (https://www.wireshark.org/), mitmproxy (http://mitmproxy.org/) (see mitmproxy
tutorial here (/2013/07/01/how-to-use-mitmproxy-to-read-and-modify-https-tra耂c-of-
 your-phone/)) or SSLsplit (http://www.roe.ch/SSLsplit) (see SSLsplit tutorial here
(/2013/08/04/use-sslsplit-to-transparently-sni耂-tls-ssl-connections/)), this can be done
without much e耂ort — for both plain text protocols (HTTP, SMTP, etc.) as well as SSL-based
requests (HTTPS, etc.).

2. Forge DNS entries with Dnsmasq

The scenario described in this tutorial uses the very tiny DNS server Dnsmasq
(http://www.thekelleys.org.uk/dnsmasq/doc.html) to forge DNS entries. In short, the following steps
will show you how to set up Dnsmasq and con耂gure it to forward all DNS requests to Google’s DNS
server — except the ones that you’d like to forge.

Once Dnsmasq is installed and running, clients must be told to use this DNS server to resolve IP
addresses. This can be done by changing the router con耂guration or the network settings of the
operating system or mobile device.

2.1. Download and install Dnsmasq

On some systems, Dnsmasq is already installed and running by default as a local DNS server (for
caching puposes). If not, you 耂rst need to download and install Dnsmasq. You can do that in
Ubuntu/Debian using apt-get like this.

Shell

1 apt‐get install dnsmasq‐base

2.2. Con耂gure Dnsmasq

Dnsmasq stores it’s con耂guration in /etc/dnsmasq.conf and reads the 耂le on startup. By default, the
耂le does not exist and Dnsmasq simply uses the default settings when run.

The 耂rst step is to create or modify this 耂le and add the following lines:

Create /etc/dnsmasq.conf with the following contents

1 no‐dhcp‐interface=
2 server=8.8.8.8
3  
4 no‐hosts
5 addn‐hosts=/etc/dnsmasq.hosts

These four con耂g lines tell Dnsmasq to use Google’s DNS server (with IP address 8.8.8.8) as upstream
server if a request cannot be answered and lookup local DNS entries in /etc/dnsmasq.hosts instead of
the normal location at /etc/hosts . The 耂rst line tells Dnsmasq to not start a DHCP interface, because
it’s simply not necessary for this example.

2.3. Add forged DNS entries

The above con耂g 耂le tells Dnsmasq to look in /etc/dnsmasq.hosts to check for all entries it is (or feels)
responsible for. By default, this 耂le does not exist and needs to be created:

Create /etc/dnsmasq.hosts and add forged entries

1 192.168.1.99 www.facebook.com
2 192.168.1.98 www.microsoft.com microsoft.com
3 192.168.1.97 www.any.domain any.domain
The format of the 耂le is very simple and identical to the /etc/hosts 耂le: Each line contains an IP
address and (separated by spaces or tabs) one or many corresponding domains. Any request to
“www.any.domain”, for instance, would be resolved to “192.168.1.97”.

2.4. Test and run server

Having created the two con耂g 耂les from above, Dnsmasq can now be run or restarted. The easiest way
is to simply kill it, and then restart it. For test purposes, the options ‐‐no‐daemon (debug mode, don’t
fork to background) and ‐‐log‐queries (log requests to STDOUT) are probably the best options:

Shell

1 killall ‐9 dnsmasq
2 dnsmasq ‐‐no‐daemon ‐‐log‐queries

To locally test that Dnsmasq returns the correct, i.e. the forged, result, you can either use the host
utility or dig . Here is an example with dig .

Shell

1 $ dig @192.168.178.28 +short www.facebook.com 
2 192.168.1.99
3  
4 $ dig @192.168.178.28 +short www.google.com
5 173.194.70.99
6 173.194.70.105
7 173.194.70.147
8 173.194.70.106
9 173.194.70.103
10 173.194.70.104

The example above tells dig to use 192.168.178.28 as DNS server (the machine on which Dnsmasq is
running) and only return a short response ( +short option, no comments) for the domain
“www.facebook.com”, and “www.google.com” in the second call.

As desired, Dnsmasq returns the IP address 192.168.1.99 for “www.facebook.com”, even though the
real domain points to 31.13.81.33 (at least at the time of writing). The IP addresses for
“www.google.com”, however, are real and come from the upstream DNS server speci耂ed in the
Dnsmasq con耂g (8.8.8.8).

Shell

1 $ dnsmasq ‐‐no‐daemon ‐‐log‐queries
2 dnsmasq: started, version 2.63rc6 cachesize 150
3 dnsmasq: compile time options: IPv6 GNU‐getopt DBus i18n IDN DHCP DHCPv6 no‐Lua TFTP conntrack
4 dnsmasq: using nameserver 8.8.8.8#53
5 dnsmasq: read /etc/dnsmasq.hosts ‐ 1 addresses
6 dnsmasq: query[A] www.facebook.com from 192.168.178.20
7 dnsmasq: /etc/dnsmasq.hosts www.facebook.com is 192.168.1.99
8 dnsmasq: query[A] www.google.com from 192.168.178.20
9 dnsmasq: forwarded www.google.com to 8.8.8.8
10 dnsmasq: reply www.google.com is 173.194.70.99
11 dnsmasq: reply www.google.com is 173.194.70.105
12 dnsmasq: reply www.google.com is 173.194.70.147
13 dnsmasq: reply www.google.com is 173.194.70.106
14 dnsmasq: reply www.google.com is 173.194.70.103
15 dnsmasq: reply www.google.com is 173.194.70.104
16 ...

The Dnsmasq STDOUT output resembles exactly that (see above). The 耂rst request is found locally in
/etc/dnsmasq.hosts , but the second request is forwarded to the upstream server.
Once you are sure that your DNS server works, you can start it without any command line options
(simply dnsmasq ), and it will run in the background, answering DNS queries to any machine that asks.

2.5. Change router/client DNS server

For your local network clients (such as your phone or laptop) to use the DNS server, however, you can
either change each individual device’s network settings, or simply adjust your local router’s settings.

3. Possible usages

DNS spoo耂ng can be used in many possible ways — unfortunately none of them can be used for
anything good. The following two of sections explain the two most common usages.

3.1. Phishing/malicious websites

DNS spoo耂ng can be easily used to create phishing (https://en.wikipedia.org/wiki/Phishing) sites or

any other kind of malicious websites. Especially for purely HTTP-based websites (not HTTPS, see
below), a browser will not know the di耂erence between the real site and the site delivered by any
other web server.

All that needs to be done is to set up a web server on the machine with the IP address that answers to
the target hostname. So, continuing the example from above, if the target hostname was
“www.facebook.com” and the forged DNS entry returned “192.168.1.99”, the machine with this IP
address needs to set up a virtual host to answer HTTP request for “www.facebook.com”. For the
Apache web server (https://httpd.apache.org/), a virtual host con耂guration
(http://httpd.apache.org/docs/current/vhosts/examples.html) would look something like this:

1 <VirtualHost *:80>
2   DocumentRoot "/srv/www/fakebook/public_html"
3   ServerName www.facebook.com
4   ...
5 </VirtualHost>

If a browser client now goes to “www.facebook.com”, the DNS response will say “192.168.1.99” and the
browser will connect to that IP address, asking for “www.facebook.com” in the HTTP request:

1 GET / HTTP/1.1
2 Host: www.facebook.com
3 ...

And because the Apache con耂guration is set up to answer to that virtual host, the web site and scripts
residing in “/srv/www/fakebook/public_html” will be delivered to the client. The Apache access log will
say something like this:

1 www.facebook.com:80 192.168.178.20 ‐ ‐ [21/Jul/2013:20:53:12 +0200] 
2   "GET / HTTP/1.1" 200 315 "‐" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML,
3   like Gecko) Chrome/27.0.1453.93 Safari/537.36"

And for the client, it will look something like this:

This scenario obviously only works for HTTP and assumes that the DNS server with the spoofed entries
is used. For HTTPS requests or any other SSL-based protocols, this method will not work, because the
web server cannot deliver a valid CA-signed certi耂cate to the client which will lead to a certi耂cate
error in the browser. To break HTTPS so that the client does not realize it, a man-in-the middle attack
is necessary (see below, or my post about how to sni耂 into HTTPS connections (/2013/07/01/how-to-
use-mitmproxy-to-read-and-modify-https-tra耂c-of-your-phone/)).

3.2. Blocking content / Internet censorship

Another possible usage of DNS spoo耂ng is the blocking/耂ltering/censoring of content for Internet
users. From a technical perspective, the setup for DNS-based content 耂ltering is exactly the same as
for the phishing sites (see above), however, the intention is very di耂erent: While phishing/malicious
sites typically try to trick to user by delivering a very similar site to the one expected, the strategy of
DNS blocking aims to prevent users from accessing certain content, such as piracy sites, pornography
or religious/political sites.

(https://dqtpg127g2l9y.cloudfront.net/wp-

content/uploads/2013/07/stopschild.jpg)

Example: About four years ago (2009 – 2011), Germany almost passed a law would have forced ISPs to use DNS
blocking to prevent users from accessing child pornography sites. The image above shows the “stop” sign that users
would have seen when trying to access such a site. In December 2011, the law was ultimately repealed.

DNS blocking is typically used in large corporations or countries. And although it is very easy to
circumvent by using a di耂erent DNS server, it is widely popular due to its easy setup.
3.3. Man-in-the-middle attacks

Being able to steer user communication in your directions makes it possible to listen in on the
connections by using tools such as Wireshark (http://www.wireshark.org/) (many protocols) or
tcpdump (http://www.tcpdump.org/) for unencrypted connections, and mitmproxy
(http://mitmproxy.org/) (HTTPS only) or sslplit (http://www.roe.ch/SSLsplit) (any SSL/TCP) for
encrypted connections.

Depending on what tool it is, it might be possible to either just monitor tra耂c on a speci耂c network
interface, or even alter requests and responses on the 耂y. If you’re interested, check out my tutorial on
how to use mitmproxy to read and modify HTTPS tra耂c (
http://blog.philippheckel.com/2013/07/01/how-to-use-mitmproxy-to-read-and-modify-https-
tra耂c-of-your-phone/).

10 COMMENTS

John August 26th, 2013 (https://blog.heckel.xyz/2013/07/18/how-to-dns-

spoo耂ng-with-a-simple-dns-server-using-dnsmasq/#comment-45461)

Very well put-together article, Keep it up, believe me it’s appreciated :)

Nishant Soni (http://linuxlantern.com) October 14th, 2013

(https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-a-simple-dns-server-
using-dnsmasq/#comment-52209)

Pretty good and detailed article. dnsmasq certainly looks interesting.

Ken December 12th, 2013 (https://blog.heckel.xyz/2013/07/18/how-to-dns-

spoo耂ng-with-a-simple-dns-server-using-dnsmasq/#comment-52480)

Here’s one ‘spoo耂ng for good’ — redirecting smartphone clients to a development

website for testing how well the new responsive theme works. Windows and Linux
systems have a hosts 耂le that can be edited by an administrator, but iPhones and
Androids must be jailbroken or rooted to edit the hosts 耂le.

Gabriel Garza May 2nd, 2014 (https://blog.heckel.xyz/2013/07/18/how-to-dns-

spoo耂ng-with-a-simple-dns-server-using-dnsmasq/#comment-57184)

Another benign usage is to redirect LAN clients to internal services (that also have
an external name that would resolve to an external IP that might not be reachable
from inside the network due to router/NAT issues, or that it would be ine耂cient
to send out to the router only to turn it back to your servers) or to also resolve
internal names only available in your Intranet or VPN (maybe if you have your AD
tree as a subdomain of a public DNS).

Des April 3rd, 2015 (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-

with-a-simple-dns-server-using-dnsmasq/#comment-176504)

What a superb and well written article! In recent weeks I have spent hours
researching how to make a raspberrypi wireless server that will direct any and all
user tra耂c to the index page of my website hosted on the raspberrypi.

While I have not yet fully achieved my goal I am very close and reading your
article taught me more about dnsmasq in 20 mins than from the hours of reading
other articles.

Written in a very concise yet easy to follow style your article is a pleasure to read.
Many thanks for posting.

Regards,
Des.

asd May 13th, 2015 (https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-

with-a-simple-dns-server-using-dnsmasq/#comment-181857)

for this to actually be “malicious” you need to pose your DNS server as another
DNS server, which the victim uses. else this is just child play. another way of
providing making a positive use of this, on which i’m working on, is to set up
dnsmasq on a ddwrt gateway router, to actually block a list of phishing/amlware
domains by sending them to 127.0.0.1.

Rev. Bobby November 23rd, 2015 (https://blog.heckel.xyz/2013/07/18/how-to-

dns-spoo耂ng-with-a-simple-dns-server-using-dnsmasq/#comment-202835)

Is it possible to use dnsmasq to resolve various domain requests (fake) virtual

“localhost” zones on a single computer where the requests are from clients on an
Access Point that can rout to this server IP *.80. For example Like this:
http://www.trump.com (http://www.trump.com) /var/www/html/trump.com |
http://www.obama.com (http://www.obama.com) /var/www/html/obama.com/ |
http://www.hillary.com (http://www.hillary.com) /var/www/html/hillary.com ? I
am using Ubuntu Server LTS 14.04. Thanks.

Matthew November 28th, 2015 (https://blog.heckel.xyz/2013/07/18/how-to-

dns-spoo耂ng-with-a-simple-dns-server-using-dnsmasq/#comment-203577)

Is this an example of cache poisoning?

 Avinash Kanojia December 29th, 2016 (https://blog.heckel.xyz/2013/07/18/how-
to-dns-spoo耂ng-with-a-simple-dns-server-using-dnsmasq/#comment-221143)

I have one question regarding dnsmasq. When i use dns masq for blocking all
websites and allow few it just blocks my local network also. So no network
browsing.. so please help me in this

Chiny January 25th, 2017 (https://blog.heckel.xyz/2013/07/18/how-to-dns-

spoo耂ng-with-a-simple-dns-server-using-dnsmasq/#comment-221938)

I’d like to argue against “DNS spoo耂ng can be used in many possible ways —
unfortunately none of them can be used for anything good.” I’m using your
technique on my DNSmasq system to intercept the multiple requests my iOS
devices make on the Apple ntp server, re-directing them all to my own ntp server
(a GPS-kitted Raspberry Pi). Saves bandwidth, less o耂set, less jitter – all good :-)

LEAVE A COMMENT

I'd very much like to hear what you think of this post. Feel free to leave a comment. I usually respond
within a day or two, sometimes even faster. I will not share or publish your e-mail address anywhere.

NAME*

EMAIL*

WEBSITE

COMMENT*

COMMENT

ABOUT ME

Philipp C. Heckel (/about/)

(/about/)
 
Principal Engineer
and Team Lead at
TAGS Datto
(http://www.datto.com/)

Bash (https://blog.heckel.xyz/tag/bash/) Cloud Computing

(https://blog.heckel.xyz/tag/cloud-computing/) Code Snippets
(https://blog.heckel.xyz/tag/code-snippets/) Cron (https://blog.heckel.xyz/tag/cron/)
Debian (https://blog.heckel.xyz/tag/debian/) Distributed Systems
(https://blog.heckel.xyz/tag/distributed-systems/) Hacking (https://blog.heckel.xyz/tag/hacking/)

Java (https://blog.heckel.xyz/tag/java/) Linux

(https://blog.heckel.xyz/tag/linux/) Mail (https://blog.heckel.xyz/tag/mail/)
Mobile (https://blog.heckel.xyz/tag/mobile/) PHP (https://blog.heckel.xyz/tag/php/) Scripts
(https://blog.heckel.xyz/tag/scripts/) Security
(https://blog.heckel.xyz/tag/security/) SSL (https://blog.heckel.xyz/tag/ssl/)
Syncany (https://blog.heckel.xyz/tag/syncany/) Synchronization
(https://blog.heckel.xyz/tag/synchronization/) TLS (https://blog.heckel.xyz/tag/tls/) Ubuntu
(https://blog.heckel.xyz/tag/ubuntu/) ZFS (https://blog.heckel.xyz/tag/zfs/)

POPULAR POSTS

(https://blog.heckel.xyz/2008/05/16/roundcube-login-via-php-script/)
Roundcube login via PHP script (https://blog.heckel.xyz/2008/05/16/roundcube-
login-via-php-script/) (208)

(https://blog.heckel.xyz/2013/07/07/send-whatsapp-messages-via-php-script-
using-whatsapi/)
Send WhatsApp messages via PHP using WhatsAPI
(https://blog.heckel.xyz/2013/07/07/send-whatsapp-messages-via-php-script-
using-whatsapi/) (156)

(https://blog.heckel.xyz/2013/07/01/how-to-use-mitmproxy-to-read-and-
modify-https-tra耂c-of-your-phone/)
How To: Use mitmproxy to read and modify HTTPS tra耂c
(https://blog.heckel.xyz/2013/07/01/how-to-use-mitmproxy-to-read-and-
modify-https-tra耂c-of-your-phone/) (60)

(https://blog.heckel.xyz/2013/07/05/how-to-sni耂-the-whatsapp-password-
from-your-android-phone-or-iphone/)
How To: Sni耂 the WhatsApp password from your Android phone or iPhone
(https://blog.heckel.xyz/2013/07/05/how-to-sni耂-the-whatsapp-password-
from-your-android-phone-or-iphone/) (59)

(https://blog.heckel.xyz/2013/08/04/use-sslsplit-to-transparently-sni耂-tls-ssl-
connections/)
Use SSLsplit to transparently sni耂 TLS/SSL connections - including non-HTTP(S)
protocols (https://blog.heckel.xyz/2013/08/04/use-sslsplit-to-transparently-
sni耂-tls-ssl-connections/) (55)
ARCHIVES

Jan ‘17 Mar ‘14 Jan ‘11

(https://blog.heckel.xyz/2017/01/)
(https://blog.heckel.xyz/2014/03/)
(https://blog.heckel.xyz/2011/01/)
Dec ‘16 Feb ‘14 Aug ‘10
(https://blog.heckel.xyz/2016/12/)
(https://blog.heckel.xyz/2014/02/)
(https://blog.heckel.xyz/2010/08/)

Jan ‘16 Oct ‘13 May ‘10

(https://blog.heckel.xyz/2016/01/)
(https://blog.heckel.xyz/2013/10/)
(https://blog.heckel.xyz/2010/05/)

Dec ‘15 Aug ‘13 Jan ‘10

(https://blog.heckel.xyz/2015/12/)
(https://blog.heckel.xyz/2013/08/)
(https://blog.heckel.xyz/2010/01/)
Oct ‘15 Jul ‘13 Sep ‘09
(https://blog.heckel.xyz/2015/10/)
(https://blog.heckel.xyz/2013/07/)
(https://blog.heckel.xyz/2009/09/)

Aug ‘15 Jun ‘13 Aug ‘09

(https://blog.heckel.xyz/2015/08/)
(https://blog.heckel.xyz/2013/06/)
(https://blog.heckel.xyz/2009/08/)

May ‘15 May ‘13 Apr ‘09

(https://blog.heckel.xyz/2015/05/)
(https://blog.heckel.xyz/2013/05/)
(https://blog.heckel.xyz/2009/04/)
Mar ‘15 Mar ‘13 Mar ‘09
(https://blog.heckel.xyz/2015/03/)
(https://blog.heckel.xyz/2013/03/)
(https://blog.heckel.xyz/2009/03/)

Jan ‘15 Jan ‘13 Nov ‘08

(https://blog.heckel.xyz/2015/01/)
(https://blog.heckel.xyz/2013/01/)
(https://blog.heckel.xyz/2008/11/)

Oct ‘14 Dec ‘12 Oct ‘08

(https://blog.heckel.xyz/2014/10/)
(https://blog.heckel.xyz/2012/12/)
(https://blog.heckel.xyz/2008/10/)
Aug ‘14 Jun ‘12 Sep ‘08
(https://blog.heckel.xyz/2014/08/)
(https://blog.heckel.xyz/2012/06/)
(https://blog.heckel.xyz/2008/09/)

Jun ‘14 Mar ‘11 Jul ‘08

(https://blog.heckel.xyz/2014/06/)
(https://blog.heckel.xyz/2011/03/)
(https://blog.heckel.xyz/2008/07/)

May ‘14 Feb ‘11 May ‘08

(https://blog.heckel.xyz/2014/05/)
(https://blog.heckel.xyz/2011/02/)
(https://blog.heckel.xyz/2008/05/)

ADVERTISEMENT

CATEGORIES

Administration (/category/administration/) Multimedia (/category/multimedia/) (5)

(9)
Android (/category/android/) (3)
Cloud Computing (/category/cloud-
computing/) (4)
Code Snippets (/category/snippets/) (13)
Distributed Systems (/category/distributed-
systems/) (4)
O耂ce (/category/o耂ce/) (4)
Programming (/category/programming/) (22)
Scripting (/category/scripting/) (13)
Security (/category/security/) (16)
Synchronization (/category/synchronization/)
(7)
Virtualization (/category/virtualization/) (2)
Linux (/category/linux/) (26)
Mobile (/category/mobile/) (4)

RECENT COMMENTS

timothy at February 19th, 2017

on How To: Use mitmproxy to read and modify HTTPS tra耂c
(https://blog.heckel.xyz/2013/07/01/how-to-use-mitmproxy-to-read-and-
modify-https-tra耂c-of-your-phone/#comment-222497)

Chiny at January 25th, 2017

on How To: DNS spoo耂ng with a simple DNS server using Dnsmasq
(https://blog.heckel.xyz/2013/07/18/how-to-dns-spoo耂ng-with-a-simple-dns-
server-using-dnsmasq/#comment-221938)

ali at January 10th, 2017

on How To: Use mitmproxy to read and modify HTTPS tra耂c
(https://blog.heckel.xyz/2013/07/01/how-to-use-mitmproxy-to-read-and-
modify-https-tra耂c-of-your-phone/#comment-221542)

Андрусик Ігор at January 5th, 2017

on Android Example: Communication between Activity and Service using ...
(https://blog.heckel.xyz/2012/06/10/android-example-communication-between-
activity-and-service-using-messaging/#comment-221455)

LINKS

LinkedIn Pro耂le (http://www.linkedin.com/in/philippheckel)

XING Pro耂le (https://www.xing.com/pro耂le/Philipp_Heckel)

Google+ Pro耂le (https://plus.google.com/117151669220976773787?rel=author)

Syncany Project Site (http://www.syncany.org/)

Syncany on GitHub (https://github.com/syncany/syncany)

© Philipp C. Heckel (/about/), 1998 - 2017 Original Theme by Site5 (http://www.s5themes.com/)