Darknet - The Darkside » namserver security http://www.darknet.org.uk Ethical Hacking, Penetration Testing & Computer Security Tue, 07 Feb 2012 18:34:17 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 PorkBind v1.3 – Nameserver (DNS) Security Scanner http://www.darknet.org.uk/2008/09/porkbind-v13-nameserver-dns-security-scanner/ http://www.darknet.org.uk/2008/09/porkbind-v13-nameserver-dns-security-scanner/#comments Mon, 15 Sep 2008 07:25:13 +0000 Darknet http://www.darknet.org.uk/?p=1012

This program retrieves version information for the nameservers of a domain and produces a report that describes possible vulnerabilities of each.

Vulnerability information is configurable through a configuration file; the default is porkbind.conf. Each nameserver is tested for recursive queries and zone transfers. The code is parallelized with libpthread.

Changes for v1.3

  • Wrote in-a-bind shell script that scans random domain names from DMOZ
  • Implemented recursive query testing
  • Changed porkbind.conf to use CVE numbers in addition to CERT alerts
  • Modified text displayed on stdout to make it more parsable
  • Licensed with GNU Lesser General Public License
  • Fixed timeout/concurrency/memory corruption bugs
  • Fixed improper comparison of alpha/beta version numbering bug
  • Added typecasts to silence compiler warnings

The tool now scans for 14 flaws and reports CVE numbers & CERT.

You can download PorkBind v1.3 here:

porkbind-1.3.tar.gz

Or read more here.

Post to Twitter Post to Facebook Post to Google Buzz Post to Delicious Post to Digg Post to Reddit Post to StumbleUpon

]]> http://www.darknet.org.uk/2008/09/porkbind-v13-nameserver-dns-security-scanner/feed/ 0