Multivendor DNS Flaw auditing tool

Earlier I discussed the multivendor DNS flaw and linked to Dan’s web page that contains a tool you can run to see if your DNS servers are vulnerable to cache poisoning.

Jose has developed a basic open source tool called CacheAudit that can be used to determine if the cache on your DNS server has been poisoned.  He describes the tool’s operation as:

“The overall concept was to take periodic dumps of the in-memory cache from the recursive server, validate these dumps against the authoritative name servers, and peer recursive name servers, alerting when something could not be validated.”

You can also view his presentation on Recursive DNS cache auditing.
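The audit loop described in the quote can be sketched as follows. This is an added example, not CacheAudit's code: the simplified BIND-style dump layout, the names `parse_dump` and `audit`, and the rule that the authoritative answer decides when available and peers decide otherwise are all assumptions, and the reference answers are constructed dictionaries standing in for live queries.

```python
from collections import defaultdict

# Constructed sample in a simplified BIND-style dump layout (assumed format):
# "owner TTL CLASS TYPE RDATA"; an indented line reuses the previous owner.
SAMPLE_DUMP = """\
; constructed cache dump
www.example.com.   3600 IN A 192.0.2.10
mail.example.com.  3600 IN A 192.0.2.25
                   3600 IN A 192.0.2.26
shop.example.net.  600  IN A 203.0.113.66
cdn.example.org.   300  IN A 198.51.100.40
old.example.org.   300  IN A 198.51.100.99
"""
# Constructed reference answers standing in for live queries (hypothetical data).
AUTHORITATIVE = {
    ("www.example.com.", "A"): {"192.0.2.10"},
    ("mail.example.com.", "A"): {"192.0.2.25", "192.0.2.26"},
    ("shop.example.net.", "A"): {"198.51.100.7"},
}
PEERS = [{("cdn.example.org.", "A"): {"198.51.100.40", "198.51.100.41"}}]

def parse_dump(text):
    """Return {(owner, type): set of rdata strings} for each cached RRset."""
    rrsets, owner = defaultdict(set), None
    for line in text.splitlines():
        if not line.strip() or line.lstrip()[0] in ";$":
            continue  # blank lines, comments, $DATE-style directives
        fields = line.split()
        if not line[0].isspace():
            owner = fields.pop(0).lower()
        if owner is None or len(fields) < 4:
            continue  # malformed or truncated record
        rrsets[(owner, fields[2].upper())].add(" ".join(fields[3:]))
    return dict(rrsets)

def audit(cache, authoritative, peers):
    """Return [(key, reason)] for cached RRsets that could not be validated."""
    findings = []
    for key, cached in sorted(cache.items()):
        if key in authoritative:
            # Subset test is a choice made for this example; strict equality
            # is the tighter check.
            if not cached <= authoritative[key]:
                findings.append((key, "differs from authoritative answer"))
        elif not any(cached <= peer.get(key, set()) for peer in peers):
            findings.append((key, "no authoritative or peer confirmation"))
    return findings

if __name__ == "__main__":
    for (name, rtype), reason in audit(parse_dump(SAMPLE_DUMP), AUTHORITATIVE, PEERS):
        print(f"ALERT {name} {rtype}: {reason}")
```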
