Nmap Development mailing list archives
Re: [SCRIPT] Check DNS servers against porttest.dns-oarc.net for "Dan's Bug" (CVE-2008-1447, CVE-2008-1454)
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Mon, 28 Jul 2008 04:23:33 +0000
On Wed, 16 Jul 2008 22:41:48 +0000 or thereabouts Brandon Enright <bmenrigh () ucsd edu> wrote:

> Fellow developers;
>
> As everyone knows at this point, Dan Kaminsky found a serious flaw in DNS and a bunch of vendors have patched their implementation to try to work around the problem. Duane Wessels of OARC set up a great service at porttest.dns-oarc.net to help you audit your DNS servers. This is an NSE script (attached) to help automate that checking.

Hi folks,

After a heck of a lot of testing and debugging I have improved this script. The script now better understands how to parse DNS and handles edge-cases better. I also added output for various errors if you turn on debugging or verbose (level 2 to see everything).

I'd say this script is "well tested" now and should be up to the task of auditing your organization. The only trouble I've had with this version of the script is that if you turn Nmap's parallelism up too much with --min-parallelism, NSE becomes sad and starts to reduce accuracy.

I haven't heard back from Duane yet, though, so the sharing restrictions listed in my previous email and in the script still stand for now.

Brandon
Attachment: dns-safe-recursion.nse
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org