Full Disclosure mailing list archives
Tool: PorkBind v1.3 Nameserver Security Scanner (New Version)
From: Derek Callaway <super () innu org>
Date: Fri, 15 Aug 2008 14:31:41 -0400 (EDT)
This program retrieves version information for the nameservers of a domain and produces a report that describes possible vulnerabilities of each. Vulnerability information is configurable through a configuration file; the default is porkbind.conf. Each nameserver is tested for recursive queries and zone transfers. The code is parallelized with libpthread. http://www.innu.org/~super/tools/porkbind-1.3.tar.gz ChangeLog for this version: porkbind-1.3 ------------ Wrote in-a-bind shell script that scans random domain names from DMOZ Implemented recursive query testing Changed porkbind.conf to use CVE numbers in addition to CERT alerts Modified text displayed on stdout to make it more parsable Licensed with GNU Lesser General Public License Fixed timeout/concurrency/memory corruption bugs Fixed improper comparison of alpha/beta version numbering bug Added typecasts to silence compiler warnings - Derek _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Tool: PorkBind v1.3 Nameserver Security Scanner (New Version) Derek Callaway (Aug 15)