‘WinDNSSpoof, A Windows Based DNS Spoofer’
‘This tool is a simple DNS ID Spoofer for Windows 9x/2K. In order to use it you must be able to sniff traffic of the computer being attacked. If you are in a switched network you can use ARP Cache Poisoning tools like winarp_sk or winarp_mim (see http://www.arp-sk.org)
If you want to be sure that the DNS Server doesn’t answer before WinDNSSpoof configure a personal firewall to block outgoing DNS traffic (UDP 53 destination port). After this WinDNSSpoof takes care to spoof only those packets that are required to, and the rest to allow to go through. For this you must specify the MAC address of the DNS server (or the default gateway if the DNS server is in another network).
Usage : wds -h
Example : wds -n www.microsoft.com -i 188.8.131.52 -g 00-00-39-5c-45-3b
Note that WinDNSSpoof requires WinPcap.’