Nmap Development mailing list archives
Re: dns-openresolvers-check.nse : Detects DNS servers known to allow open recursion
From: John Bond <john.r.bond () gmail com>
Date: Tue, 2 Apr 2013 18:30:41 +0200
Not sure why this was posted 3 times; however that aside, unless I'm missing something there is no need to use an external service for this check. I seem to remember that either nmap or an existing nse script already detects open resolvers.

On Thursday, March 28, 2013, Paulino Calderon wrote:
description = [[
dns-openresolvers-check looks up the database "dnsbl.openresolvers.org" to detect DNS servers known to allow open recursion.
If the DNS server is found, it will be marked as vulnerable as it can be abused via DNS amplification attacks.

This script queries a database provided by http://dns.measurement-factory.com.

Daily reports of open resolvers found:
* http://dns.measurement-factory.com/surveys/openresolvers/ASN-reports/

DNS amplification attacks:
* http://isotf.org/news/DNS-Amplification-Attacks.pdf
]]

---
-- @usage nmap -sV --script dns-openresolvers-check <target>
-- @usage nmap -sV -p53 --script dns-openresolvers-check <target>
--
-- @output
-- | dns-openresolvers-check:
-- |   VULNERABLE:
-- |   This DNS server has been blacklisted as an open resolver.
-- |     State: VULNERABLE
-- |     Risk factor: High
-- |     Description:
-- |       This DNS server is known for supporting open recursion. Open resolvers are dangerous
-- |       because of the following reasons:
-- |       * Attackers may consume resources of third parties. They are actively being exploited in DDoS attacks.
-- |       * Attackers may poison the cache of an open resolver.
-- |
-- |     References:
-- |       http://isotf.org/news/DNS-Amplification-Attacks.pdf
-- |_      http://dns.measurement-factory.com/surveys/openresolvers.html
---
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
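
The direct check the reply above alludes to, as an added example that is not part of the original message or of Nmap's own code: send a query with the RD bit set for a name the server is not authoritative for, then read the RA and AA flags, the RCODE and the answer count from the reply header. All function names and the sample reply builder are constructed for illustration.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Build a DNS A/IN query with the RD (recursion desired) flag set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(query, response):
    """Return 'open', 'closed' or 'invalid' for a reply to build_query()."""
    if len(response) < 12:
        return "invalid"
    txid, flags, _qd, ancount = struct.unpack("!HHHH", response[:8])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & 0x8000:
        return "invalid"  # wrong transaction ID, or QR bit says "query"
    ra, aa, rcode = bool(flags & 0x0080), bool(flags & 0x0400), flags & 0x000F
    # Open recursion: the server advertises recursion (RA), the data is not
    # from its own zones (AA clear), and it returned answers with NOERROR.
    # REFUSED (rcode 5) or an authoritative-only answer counts as closed.
    if ra and not aa and rcode == 0 and ancount > 0:
        return "open"
    return "closed"

def probe(server, name, timeout=3.0):
    """Query `server` over UDP/53 directly; no external blacklist involved."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        try:
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return "no-response"
    return classify_response(query, data)

def sample_response(query, flags, ancount):
    """Constructed reply for offline testing: echoes the question and
    appends `ancount` A records pointing at 192.0.2.1 (documentation range)."""
    header = query[:2] + struct.pack("!HHHHH", flags, 1, ancount, 0, 0)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])
    return header + query[12:] + answer * ancount
```

Run probe() from a network the resolver is not meant to serve; from inside its intended client range an "open" result is expected behaviour.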