Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Res: testing dns servers

From: Marcos Aurelio Rodrigues <marsamp () yahoo com br>
Date: Mon, 16 Apr 2007 04:43:38 -0700 (PDT)
I think, to hide the version of your DNS its a good one. 
 
Marcos Aurelio Rodrigues (d319r4t1433)
Pueri quod semper amat Dei

----- Mensagem original ----
De: Zhihao <zhihao () root sg>
Para: pen-test () securityfocus com
Enviadas: Domingo, 15 de Abril de 2007 3:49:37
Assunto: testing dns servers

Hi,

How would you guys test a dns server for holes?

Here are some that i thought of..

1. Make sure it does not allow recursive queries.
2. Make sure it does not allow zone transfers from unauthorized hosts.
3. Make sure it is not vulnerable to dns cache poisoning.

Anything other vectors we could look at?

Cheers.


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


__________________________________________________
Fale com seus amigos  de graça com o novo Yahoo! Messenger 
http://br.messenger.yahoo.com/

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: