Wardriving Ubuntu & /etc/resolv.conf

Sun Mar 13 12:32:05 UTC 2005

Joe Potter wrote:

> Hans Poppe wrote:
>> Joe Potter wrote:
>> 
>> 
>>>Hans Poppe wrote:
>>>
>>>>Hi, I recently found a pub/cafe near where I live where there is an
>>>>unsecured WiFi that I've been using for some time. In Norway, where I
>>>>live, this is not illegal. However a problem has arisen. Lately another
>>>>neighbour to the cafe has set up another WiFi base station which is
>>>>overpowering the one I used. The new one is also unsecured (ie no
>>>>encryption, no ESSID), but the DHCP server on the new router is set to
>>>>renew leases every 13 seconds, and at that time the /etc/resolv.conf is
>>>>overwritten with a new file, listing only the new routers IP address
>>>>(10.0.0.1) as DNS. It doesn't relay from my machine. So my question is
>>>>how can I prevent the overwriting of /etc/resolv.conf? I tried to edit
>>>>it (as root), but if I cat the file a immedeatly after exiting vi, the
>>>>file is changed, but a few seconds later if I cat it again it is set
>>>>back to what it was. I then tried to chown and chmod the file in several
>>>>ways, but it didn't work either. Is there a way to work around this? How
>>>>can I configure my laptop running Ubuntu with 2.6.8 kernel to find and
>>>>report more than the most powerful (I think this is what it's doing) and
>>>>let me choose which to connect to? I'm using KWiFimanager, but it only
>>>>shows one network. The reason why I think there is a new network is
>>>>because the signal strength has increased from 35-40% to 80-90% sitting
>>>>at the same table in the cafe :-) I suppose I need software, but what to
>>>>choose on this platform? Thanks for any ideas.
>>>>Hans
>>>>
>>>>
>>>
>>>
>>>http://www.die.net/doc/linux/man/man1/chattr.1.html
>>>
>>>You need to look at the chattr and lsattr commands. You set the
>>>/etc/resolv.conf file so that it will not be changed at all. Then the
>>>file will stay as you want it; till you change the file attribute back
>>>to normal.
>>>
>>>Many have done this when running their own name server for a speed up
>>>over the ISP nameserver.
>>>
>>>Good luck.
>>>
>>>Regards, Joe
>> 
>> i'm using reiserfs and the output of lsattr is just "------------" and
>> filename.
>> Man lasattr says it's for Ext2 so I guess I'm out of luck with these two
>> commands. I think part of ther problem could be that Ubuntu uses a lot of
>> sudo on several programs. I dont't know who/what has rights to
>> overwrite /etc/resolv.conf.
>> Hans
>> 
>> 
> 
> 
> I am using Hoary Ubuntu just now. I like to use the "root terminal" but
> you may use sudo if you want to from a normal terminal.
> 
> 
> 
> Step 1 --->   cd /etc
> 
> 
> 
> Step 2 --->   lsattr resolv.conf
> 
> this should show --------- as you said.
> 
> 
> 
> step 3 --->   chattr +i resolv.conf
> 
> this does the change.
> 
> 
> 
> 
> step 4 --->   lsattr resolv.conf
> 
> this shows the change.
> 
> 
> 
> Good luck.
> 
> 
> Regards, Joe
Hi,
I tried this and the output from lsattr /etc/resolv.conf reads
"-------i------------" (didn't count the hashes :-), but it is still
overwritten if I run dhclient. I suppose that means that when the lease is
to be renewed my machine will run dhclient, and it will be overwritten
again. Haven't had the chance to try yet, but my neighbours unsecured WiFi
lets me on the net, and it gives me a real IP for the NS, not an NAT
address. However this DHCP doesn'æt require a renewal for days, so I'll
have to wait to see...

Hans