If a DNS sniffer/spoofer is running on a network using something like netwag/netwox, how does the sniffer see the request that is destined for the real DNS server?
Wouldn't the packets for the DNS request be routed only to the DNS server? Why would they be broadcast to other addresses on the network so that the sniffer can see the request?