Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
n0whereN0whereN0WHERE:78936
HistoryMay 10, 2016 - 10:19 p.m.

Fast Golang DNS Proxy: grimd

2016-05-1022:19:33
n0where.net
10
JSON

tldr-200

Fast golang dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers

Incoming requests spawn a goroutine and are served concurrently, and the block cache resides in-memory to allow for rapid lookups, allowing grimd to serve thousands of queries at once while maintaining a memory footprint of under 15mb for 100,000 blocked domains! Grimd requires golang 1.6 and you build grimd like any other golang application, for example to build for linux x64

env GOOS=linux GOARCH=amd64 go build -v github.com/looterz/grimd

A restful json api is exposed by default on the local interface, allowing you to build web applications that visualize requests, blocks and the cache. reaper is the default grimd web frontend, and will likely get a makeover when the Buoy framework releases later this year.

Fast GoLang DNS Proxy: grimd

Installing grimd

Installing grimd is the easiest when you simply download a release from the GitHub releases page.

mkdir ~/grim
cd ~/grim
wget <grimd release>

This will download the binary to ~/grim which will be grimd’s working directory. First, setup file permissions for grimd, by running the following.

chmod a+x ./grimd_linux_x64

Setup is pretty much complete, the only thing left to do is run grimd and let it generate the default configuration and download the blocklists. You wil need to set up as a systemd service so it automatically restarts and updates when starting.

Setting up the service

Create the grimd service by running the following,

nano /etc/systemd/system/grimd.service

Now paste in the code for the service below,

[Unit]
Description=grimd dns proxy
Documentation=https://github.com/looterz/grimd
After=network.target

[Service]
User=root
WorkingDirectory=/root/grim
LimitNOFILE=4096
PIDFile=/var/run/grimd/grimd.pid
ExecStart=/root/grim/grimd_linux_x64 -update
Restart=always
StartLimitInterval=30

[Install]
WantedBy=multi-user.target

Save, and now you can start, stop, restart and run status commands on the grimd service like follows

service grimd start

The only thing left to do is setup your clients to use your grimd dns server.

grimd server should only allow connections from clients you trust, mainly because public dns servers are hit by penetration testers and hackers regularly to scout for vulnerabilities. There are many blocklist resources online that you can use but by default grimd is configured to use some of the more popular ones from around the internet for blocking ads and malware domains. Some services exist that will allow you to regularly get blocklist updates automatically from feeds.

Download3

JSON