Yeah, the subject is a little clickbait-y…
I have a POS (Point of Sale / Piece of $#!+) server. It was made by our franchisor on SCO Unix. I use a service that receives a daily file via FTP and then represents that data as reports on a LAMP-style Web 2.0ish SaaS solution.
I want to see the raw data, so I plugged the Server into a Tik with a simple “SOHO router” style config but mirrored the port back to my laptop for Wireshark.
In Wireshark I see the Server make a bunch of DNS queries to:
someserver.franchisor.com
1.us.pool.ntp.org
ftp1.SaaSService.com
1.us.pool.ntp.org.franchisor.com
ftp1.SaaSService.com.franchisor.com
2.us.pool.ntp.org
2.us.pool.ntp.org.franchisor.com
0.north-amercia.pool.ntp.org
0.north-amercia.pool.ntp.org.franchisor.com
etc.
etc.
etc.
In the server's software I can set up the typical stuff: IP, netmask, broadcast, DNS 1 and 2, router.
I want to trick the Server into thinking it is receiving proper DNS queries without actually giving it net access.
Ideally I want to set up an FTP server that will accept the file this Unix box is trying to FTP to the SaaS provider.
Any ideas?
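
An added example, not part of the original post: it takes the query names listed above, separates the lookups the server asked for from what look like resolver search-list retries (the same name with `.franchisor.com` appended), and builds one MikroTik static DNS entry per remaining name. The search suffix and the lab address 192.168.88.10 are assumptions.

```python
"""Added example: turn the captured query names into lab-only static DNS records."""

# Query names copied from the capture list in the post.
OBSERVED = [
    "someserver.franchisor.com",
    "1.us.pool.ntp.org",
    "ftp1.SaaSService.com",
    "1.us.pool.ntp.org.franchisor.com",
    "ftp1.SaaSService.com.franchisor.com",
    "2.us.pool.ntp.org",
    "2.us.pool.ntp.org.franchisor.com",
    "0.north-amercia.pool.ntp.org",
    "0.north-amercia.pool.ntp.org.franchisor.com",
]
SEARCH_SUFFIX = "franchisor.com"  # assumption: search domain inferred from the capture
LAB_HOST_IP = "192.168.88.10"     # assumption: constructed address of the lab FTP host


def split_queries(names, suffix):
    """Return (base_names, search_retries), both sorted and lowercased.

    A name counts as a retry only if stripping the suffix leaves another
    name that was also queried, so someserver.franchisor.com stays a base name.
    """
    seen = {n.lower().rstrip(".") for n in names}
    tail = "." + suffix.lower()
    base, retries = set(), set()
    for name in seen:
        if name.endswith(tail) and name[: -len(tail)] in seen:
            retries.add(name)
        else:
            base.add(name)
    return sorted(base), sorted(retries)


def routeros_static(names, address):
    """Build one RouterOS static DNS entry per base name."""
    return [f"/ip dns static add name={n} address={address}" for n in names]


if __name__ == "__main__":
    base, retries = split_queries(OBSERVED, SEARCH_SUFFIX)
    print(f"{len(base)} names to answer locally, {len(retries)} search-list retries")
    print("\n".join(routeros_static(base, LAB_HOST_IP)))
```

With the router's own address entered as DNS 1 on the server and no upstream route, only the five base names need entries; the suffixed names are listed separately so they can be checked against a fresh capture.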