Find Out If My DNS Server Free From DNS Cache…
2009-05-13 15:18:37来源:未知 阅读 ()
Q.How do I verify that my ISP or my own recursive resolvers are free from
[url=javascript:;]DNS[/url]
cache poisoning
[url=javascript:;]bug[/url]
that is promised full disclosure of the flaw by Dan on August 7 at the Black Hat conference? How do I test my dns server for DNS cache pollution or DNS Cache Poisoning bug?
A.DNS cache poisoning (also known as DNS cache pollution) is a maliciously created or unintended situation that provides data to a Domain Name Server that did not originate from authoritative DNS sources. It occur if DNS "spoofing attack" has been encountered. An attacker will send malicious data / non-secure data in response to a DNS query. For example dns query for www.cyberciti.biz can be redirected to www.example.com.
But how do I find out if my DNS server is open to such attack or not?
Visit Dan Kaminsky java script page to
check your DNS
You can also use following command dig command, enter:
$ dig +short @{name-server-ip} porttest.dns-oarc.net txt
$ dig +short @ns1.example.comporttest.dns-oarc.net txt
$ dig +short @208.67.222.222porttest.dns-oarc.net txt
Sample output:
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"208.67.222.222 isGOOD: 26 queries in 0.1 seconds from 26
[url=javascript:;]ports[/url]
with std dev 17746.18"
Another test,
$ dig +short @125.22.47.125 porttest.dns-oarc.net txt
Output:
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"125.22.47.139 isPOOR: 42 queries in 8.4 seconds from 1 ports with std dev 0.00"
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u/4206/showart_1358904.html
标签:
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点,本站所提供的摄影照片,插画,设计作品,如需使用,请与原作者联系,版权归原作者所有
- Freebsd oracle 10g 2009-05-13
- KDE/FreeBSD 测试 QT-4.5.1. 2009-05-13
- OpenBSD 4.5下安装Gnome 2.24成功! 2009-05-13
- OpenBSD 4.5 2009-05-13
- DragonFly BSD 2.2.1发布 2009-05-13
IDC资讯: 主机资讯 注册资讯 托管资讯 vps资讯 网站建设
网站运营: 建站经验 策划盈利 搜索优化 网站推广 免费资源
网络编程: Asp.Net编程 Asp编程 Php编程 Xml编程 Access Mssql Mysql 其它
服务器技术: Web服务器 Ftp服务器 Mail服务器 Dns服务器 安全防护
软件技巧: 其它软件 Word Excel Powerpoint Ghost Vista QQ空间 QQ FlashGet 迅雷
网页制作: FrontPages Dreamweaver Javascript css photoshop fireworks Flash