DnsWhat : New DNS cache poisoning attack scanner

This program is made for the purpose of sniffing off the wire in order to determine whether DNS servers (localhost or on the local segment) are vulnerable to the new DNS cache poisoning attack.

The only strict requirement for this file is libpcap, which is used to sniff for the appropriate host to test. Ideally, this file should be used locally on the DNS server to be tested; but can also be performed remotely if the testing system can reliably sniff the targets packets. If this test is being performed remote from the target DNS server, the target DNS server *must* be set as the testing host’s nameserver (/etc/resolv.conf or otherwise).