From: killy (killfactory@gmail.com)
Date: Sun Apr 15 2007 - 19:22:15 EDT
nslookup, txdns,dig, host, bile suites, etc.
Checkout Metasploit and the milw0rm site too.
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
-p1g
On 4/15/07, Zhihao <zhihao@root.sg> wrote:
> Hi,
>
> How would you guys test a dns server for holes?
>
> Here are some that i thought of..
>
> 1. Make sure it does not allow recursive queries.
> 2. Make sure it does not allow zone transfers from unauthorized hosts.
> 3. Make sure it is not vulnerable to dns cache poisoning.
>
> Anything other vectors we could look at?
>
> Cheers.
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
>
>
-- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity czar Richard Clarke ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:44 EDT