1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

Checking for DNS Vulns

Discussion in 'Plesk for Linux - 8.x and Older' started by brucew, Oct 25, 2005.

  1. brucew

    brucew Guest

    0
     
    Read this yesterday: http://www.theregister.co.uk/2005/10/24/dns_security_survey/

    It got me wondering aobut the default DNS conf in Plesk. I know from logs, that it refuses zone transfers.

    I understand the concept that recursion can be a vuln, but I don't know how to check this.

    Also wondering if it's set to respond only to requests for domains on the server.

    Anyone know? Or better yet, can anyone show (or tell) me how to determine this?
     
  2. ShadowMan@

    ShadowMan@ Guest

    0
     
    One good site with lots of tools is http://www.dnsstuff.com

    For example doing a DNS Timing test on plesk.com shows:
    There are many tools, try them, you'll like them....

    Are you referring to "Forwarding" of requests when you say "respond only to requests for domains on the server"?

    If so, then on all Plesk servers I have installed and managed, the answer is yes, forwarding is not on by default. To test this, from a SSH root login, you can issue the command "dig @localhost google.com" and you will see that all you get is a list of the internet's ROOT-SERVER.NET nameservers.
     
Loading...