Nmap Development mailing list archives
[NSE] New script dns-blacklist
From: Patrik Karlsson <patrik () cqure net>
Date: Mon, 26 Dec 2011 15:30:53 +0100
Hi list, I just committed a new script called dns-blacklist which checks given or scanned IP addresses against a bunch of different DNSBL services. It groups services into categories and currently supports SPAM and PROXY checking for known spam IP's and open proxies. Services may be limited by category or names through script arguments and by default all categories and all services are checked. Here's some sample output: Pre-scan script results: | dns-blacklist: | 1.2.3.4 | PROXY | dnsbl.ahbl.org - PROXY | dnsbl.tornevall.org - PROXY | IP marked as "abusive host". | Proxy is working | Proxy has been scanned | SPAM | dnsbl.inps.de - SPAM | Spam Received See: http://www.sorbs.net/lookup.shtml?1.2.3.4 | l2.apews.org - SPAM | list.quorum.to - SPAM | bl.spamcop.net - SPAM |_ spam.dnsbl.sorbs.net - SPAM We initially discussed creating one script per category and if we want that there's no problem to go down that path as I see it. Cheers, Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] New script dns-blacklist Patrik Karlsson (Dec 26)