PorkBind v1.2 : 13 DNS security flaws scanner (including DNS Poisoning)

PorkBind is a multi-threaded nameserver scanner that can recursively query nameservers of subdomains for version strings. (i.e. sub.host.dom’s nameservers then host.dom’s nameservers) After acquiring the version strings it tests them against version numbers from CERT advisories and reports back to the user. Zone transfer capability is also tested for

This little test software checks for vulnerabilities defined into the default porkbind.conf. As well as Cache poisoning, NXT bug, Malformed SIG overflow, Crypto weaks and many others.

The vulnerabilities detected are described into advisories repository. The newest covered Cache poisoning is the alert TA08-190B (otherwise the famous CVE-2008-1447)

We recommand this utility because it checks for 13 critical DNS flaws.

Here is the internal links to vulnerabilities along with their CVSS v2.0 scores and OVAL checks (when available).

Post scriptum

Compliance Mandates

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Comments

Related Articles

Configurations checks
PorkBind
Vulnerability Scanner