Nmap Development mailing list archives
dns-openresolvers-check.nse : Detects DNS servers known to allow open recursion
From: Paulino Calderon <paulino () calderonpale com>
Date: Thu, 28 Mar 2013 03:03:30 -0600
description = [[
dns-openresolvers-check looks up the database "dnsbl.openresolvers.org" to detect DNS servers known to allow open recursion. If the DNS server is found, it will be marked as vulnerable as it can be abused via DNS amplification attacks.

This script queries a database provided by http://dns.measurement-factory.com.

Daily reports of open resolvers found:
* http://dns.measurement-factory.com/surveys/openresolvers/ASN-reports/

DNS amplification attacks:
* http://isotf.org/news/DNS-Amplification-Attacks.pdf
]]

---
-- @usage nmap -sV --script dns-openresolvers-check <target>
-- @usage nmap -sV -p53 --script dns-openresolvers-check <target>
--
-- @output
-- | dns-openresolvers-check:
-- | VULNERABLE:
-- | This DNS server has been blacklisted as an open resolver.
-- | State: VULNERABLE
-- | Risk factor: High
-- | Description:
-- | This DNS server is known for supporting open recursion. Open resolvers are dangerous
-- | because of the following reasons:
-- | * Attackers may consume resources of third parties. They are actively being exploited in DDoS attacks.
-- | * Attackers may poison the cache of an open resolver.
-- |
-- | References:
-- | http://isotf.org/news/DNS-Amplification-Attacks.pdf
-- |_ http://dns.measurement-factory.com/surveys/openresolvers.html
---
Attachment:
dns-openresolvers-check.nse
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
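
The blacklist lookup the script description refers to, sketched in Python as an added example; it is not the attached NSE script or code from the Nmap project. It assumes the zone follows the usual DNSBL layout from RFC 5782 (reversed address labels under the zone, a listing answered with an A record in 127.0.0.0/8); the function names, the sample answers and the IPv6 handling are constructed for illustration.

```python
import ipaddress
import socket

DNSBL_ZONE = "dnsbl.openresolvers.org"  # zone named in the script description
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")  # assumption: RFC 5782 convention


def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """Build the lookup name: reversed octets (IPv4) or nibbles (IPv6) + zone."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    if addr.version == 4:
        labels = reversed(str(addr).split("."))  # 192.0.2.53 -> 53.2.0.192
    else:
        labels = reversed(addr.exploded.replace(":", ""))  # 32 hex nibbles
    return ".".join(labels) + "." + zone


def system_resolver(name):
    """A records for name; [] only when the name does not exist."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_NONAME:
            return []  # no such name: the address is not on the list
        raise  # timeouts and server failures are not a verdict
    return sorted({info[4][0] for info in infos})


def check_open_resolver(ip, resolve=system_resolver, zone=DNSBL_ZONE):
    """Return 'VULNERABLE' if the blacklist lists ip, else 'NOT LISTED'."""
    answers = resolve(dnsbl_query_name(ip, zone))
    # Only answers inside 127.0.0.0/8 count; anything else (a parked or
    # wildcarded zone, a captive resolver) must not be read as a listing.
    if any(ipaddress.ip_address(a) in LISTED_NET for a in answers):
        return "VULNERABLE"
    return "NOT LISTED"


# Constructed sample answers (documentation addresses, not real survey data).
SAMPLE_ZONE = {
    "53.2.0.192." + DNSBL_ZONE: ["127.0.0.2"],      # listed
    "7.100.51.198." + DNSBL_ZONE: ["203.0.113.10"],  # wildcard-style answer
}

if __name__ == "__main__":
    for server in ("192.0.2.53", "198.51.100.7", "203.0.113.9"):
        print(server, check_open_resolver(server, lambda n: SAMPLE_ZONE.get(n, [])))
```

A "NOT LISTED" result only means the survey has no record of the address; it does not show that recursion is restricted on the server itself.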