mDNS

Section: [mDNS]

mDNS.TTL: int = 120

Linked to mdns.MDNSConfig.mdns_ttl

Specifies the Time-To-Live (TTL), in seconds, for poisoned responses. Lower TTL values may increase the likelihood of detection by antivirus (AV) or endpoint detection and response (EDR) solutions.

mDNS.MaxLabels: int = 1

Linked to mdns.MDNSConfig.mdns_max_labels

Defines the maximum number of domain name labels to be processed. This setting overrides mDNS.AllowedQueryTypes as well as global and local blacklist/whitelist configurations. By default, all incoming queries that target services with more than one label (excluding .local) are ignored.

mDNS.AllowedQueryTypes: list[str | int] = [ "A", "AAAA", "ALL" ]

Linked to mdns.MDNSConfig.mdns_qtypes

Specifies the list of DNS query types to respond to. This attribute has lower priority than mDNS.MaxLabels, but higher priority than global or local blacklist/whitelist rules.

Note

If query types are provided as strings, they must correspond to valid entries in dns.dnstypes.

mDNS.Ignore: list[str | dict]

Specifies a list of hosts to be blacklisted. For additional context, see Globals.Ignore. When this attribute is defined, it overrides the global blacklist configuration. If not explicitly set, this attribute has no effect. For a comprehensive explanation of how the blacklist is applied, refer to BlacklistConfigMixin.

mDNS.AnswerTo: list[str | dict]

Defines a list of hosts to which responses should be sent. See Globals.AnswerTo for more information. When specified, this attribute takes precedence over the global whitelist. If omitted, the global configuration remains in effect. For detailed behavior and usage, refer to WhitelistConfigMixin.

Python Config

class mdns.MDNSConfig(config: dict)

Represents the configuration for the corresponding [mdns] section in the TOML file. This class incorporates both WhitelistConfigMixin and BlacklistConfigMixin, which introduce two additional configuration fields. For further details on their behavior and usage, refer to the respective mixin class documentation.

enabled: bool = True

Corresponds to Dementor.mDNS

Controls whether mDNS poisoning is enabled. See Dementor.mDNS for guidance on configuring this option in the TOML file.

mdns_ttl: int = 120

Corresponds to mDNS.TTL

mdns_max_labels: int = 1

Corresponds to mDNS.MaxLabels

mdns_qtypes: list[str | int] = [1, 28, 255]

Corresponds to mDNS.AllowedQueryTypes

Default Configuration

mDNS configuration section (default values)
1[mDNS]
2TTL = 120
3MaxLabels = 1
4AllowedQueryTypes = [ "A", "AAAA", "ALL" ]