I think this is better done as a stand-alone tool, not part of Nessus. There's already Perl code to do this. Plus web sites offering the service for external users.

Try out free tools:
http://www.visi.com/~barr/dnswalk/ DNSwalk
http://www.domtools.com/dns/dlint.shtml Dlint
http://www.net-dns.org/ Perl interface to DNS

If anyone knows of a similar tool that reads the DNS databases directly (or dumped zone files) I'd be interested. Should be much faster by avoiding DNS lookups. (I never seem to get more than 10 minutes programming time, otherwise I'd do it myself!)

Andrew Yeomans

-----Original Message-----
From: Jack Polimer [mailto:[EMAIL PROTECTED]
Sent: 02 October 2003 00:23
To: nessus
Subject: Broken DNS Anyone? A possible check...

I know for a fact that my DNS is broken. Trying to fix it has become a large project... Part of the project is to beg for a "Broken DNS Check" function to be incorporated into Nessus.

So, what do y'all think about adding this feature to Nessus? Here is a quick survey I hope everyone will take:
http://www.createsurvey.com/cgi-bin/pollfrm?s=11368&magic=73vMSUYPJ2kMnkf

In a nutshell, the function, when selected, will take a target IP address-variable x, perform a reverse DNS lookup-variable y, take the result of the reverse DNS lookup and perform a (forward) DNS lookup-variable z. If variable x does not equal variable z the target will not be tested. There are a few more checks the test can do, but for now that is a start.

What do y'all think?

-- Jack
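
The x, y, z comparison from the original message, run over a dumped zone file instead of live lookups as the reply asks about. This is an added example, not part of either message or of Nessus; it assumes IPv4, fully qualified owner names and a constructed sample zone, and the function names are hypothetical.

```python
import ipaddress
from collections import defaultdict

# Constructed sample zone dump (documentation addresses, made-up names).
SAMPLE_ZONE = """\
; forward records
www.example.test.   3600 IN A   192.0.2.10
old.example.test.   3600 IN A   192.0.2.30
ftp.example.test.   3600 IN A   192.0.2.40
; reverse records
10.2.0.192.in-addr.arpa. 3600 IN PTR www.example.test.
20.2.0.192.in-addr.arpa. 3600 IN PTR mx.example.test.
30.2.0.192.in-addr.arpa. 3600 IN PTR www.example.test.
"""
ARPA = ".in-addr.arpa."

def parse_zone(text):
    """Return (forward, reverse): name -> {ip} from A, ip -> {name} from PTR."""
    forward, reverse = defaultdict(set), defaultdict(set)
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()      # drop comments
        if "IN" not in fields[1:-2]:                # need owner, IN, type, rdata
            continue
        i = fields.index("IN", 1)
        owner, rtype, rdata = fields[0].lower(), fields[i + 1].upper(), fields[i + 2].lower()
        if rtype == "A":
            forward[owner].add(str(ipaddress.IPv4Address(rdata)))
        elif rtype == "PTR" and owner.endswith(ARPA):
            octets = owner[:-len(ARPA)].split(".")
            if len(octets) == 4:                    # skip partial or classless names
                ip = ipaddress.IPv4Address(".".join(reversed(octets)))
                reverse[str(ip)].add(rdata)
    return forward, reverse

def check_ip(x, forward, reverse):
    """x = address, y = names from its PTR, z = addresses from the A records of y."""
    y = reverse.get(x, set())
    if not y:
        return "no-ptr"
    z = set().union(*(forward.get(name, set()) for name in y))
    if not z:
        return "no-forward"
    return "ok" if x in z else "mismatch"

def audit(text):
    """Classify every address that appears in an A or PTR record of the dump."""
    forward, reverse = parse_zone(text)
    addresses = set(reverse) | {ip for ips in forward.values() for ip in ips}
    return {x: check_ip(x, forward, reverse) for x in sorted(addresses)}

if __name__ == "__main__":
    for ip, status in audit(SAMPLE_ZONE).items():
        print(ip, status)
```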
