Thursday, July 9, 2009

Nschaind v.0.3 Bind cache poisoning Scanner

nschaind is a tool that detects if a certain DNS resolver is vulnerable to cache poisoning according to VU#800113 (the Dan Kaminsky bug). This report covers weaknesses in BIND 9, BIND 8 and MS Windows DNS Server. This tool tests only the BIND weaknesses, which are described in VU#252735 and VU#927905 (discovered by Amit Klein).

The value of nschaind over other tools, is that nschaind does not require one to have direct access to the resolver being tested. The resolver must be tricked though into querying the tool, which can be accomplished in many ways.

As of release 0.3, nschaind detects vulnerable BIND 8 and BIND 9 servers.

See More Info about nschaind or Download

No comments: