You may be interested in this perl script that uses Net::DNS to display all IPs in a class C with reverse DNS, and check that the name forward resolves correctly. You could tweak it to output a Nessus target file very easily.
Regards,
Paul
Jack Polimer wrote:
I know for a fact that my DNS is broken. Trying to fix it has become a large project... Part of the project is to beg for a "Broken DNS Check" function to be incorporated into Nessus. So, what do y'all think about adding this feature to Nessus?
Here is a quick survey I hope everyone will take: http://www.createsurvey.com/cgi-bin/pollfrm?s=11368&magic=73vMSUYPJ2kMnkf
In a nutshell, the function, when selected, will take a target IP address-variable x, perform a reverse DNS lookup-variable y, take the result of the reverse DNS lookup and perform a (forward) DNS lookup-variable z. If variable x does not equal variable z the target will not be tested.
There are a few more checks the test can do, but for now that is a start. What do y'all think? -- Jack
--
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street, Manchester, M1 5LN England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: [EMAIL PROTECTED]
web: www.westpoint.ltd.uk
#!/usr/bin/perl
#--
# This script checks that all reverse DNS for a class C network is matched
# by a corresponding forward DNS entry.
# Author Paul Johnston, Copyright 2003 Westpoint Ltd
#--
use Net::DNS;
my $res = Net::DNS::Resolver->new;

#--
# Parse command line
#--
$network = $ARGV[0];
if($network !~ /^\d+\.\d+\.\d+$/)
{
  print "Usage: $0 x.x.x\n";
  print "Where x.x.x is the first three octets of the class C network to scan\n";
  exit;
}
$net_domain = join('.', reverse split(/\./, $network)).".in-addr.arpa";

#--
# Go through every host on network
#--
for $host (0 .. 255)
{
  $q = $res->query("$host.$net_domain", "PTR");
  next unless $q;  # skip if no reverse for this IP

  # The answer section may begin with a CNAME, so pick out the PTR record
  # instead of assuming it is first (and do not abort the whole scan)
  ($r) = grep { $_->type eq "PTR" } $q->answer;
  next unless $r;
  $hostname = $r->ptrdname;

  $q = $res->query($hostname, "A");
  if($q)
  {
    # A name may have several A records; a match on any of them is ok
    @ips = map { $_->address } grep { $_->type eq "A" } $q->answer;
    if(grep { $_ eq "$network.$host" } @ips) { $status = "ok"; }
    elsif(@ips) { $status = "mismatch: @ips"; }
    else { $status = "no forward"; }
  }
  else { $status = "no forward"; }

  # Pass the status as an argument so it is never parsed as a format string
  printf("%-15.15s %-30.30s %s\n", "$network.$host", $hostname, $status);
}
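The x, y, z check Jack describes, combined with Paul's suggestion of producing a target list, as an added Python example (not part of either message, the script above, or Nessus). The function names, the pluggable lookup callbacks, the constructed sample records and the one-address-per-line output are assumptions; it also goes slightly beyond the thread by accepting any CIDR block and any matching A record.

```python
import ipaddress
import socket

# Default lookups use the system resolver; both return [] on failure.
def system_ptr(ip):
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_a(name):
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_network(cidr, ptr=system_ptr, a=system_a):
    """Return (ip, name, status) for every address in cidr."""
    results = []
    for ip in map(str, ipaddress.ip_network(cidr)):
        names = ptr(ip)                      # x -> y (reverse lookup)
        if not names:
            results.append((ip, None, "no reverse"))
            continue
        name = names[0].rstrip(".").lower()
        forward = a(name)                    # y -> z (forward lookup)
        if ip in forward:
            status = "ok"
        elif forward:
            status = "mismatch: " + ",".join(forward)
        else:
            status = "no forward"
        results.append((ip, name, status))
    return results

def target_lines(results):
    """Only addresses whose reverse and forward DNS agree are kept."""
    return [ip for ip, _, status in results if status == "ok"]

# Constructed sample records (documentation range), standing in for real DNS
SAMPLE_PTR = {"192.0.2.1": ["gw.example.test."], "192.0.2.2": ["www.example.test."],
              "192.0.2.3": ["old.example.test."], "192.0.2.4": ["gone.example.test."]}
SAMPLE_A = {"gw.example.test": ["192.0.2.1"], "old.example.test": ["192.0.2.99"],
            "www.example.test": ["192.0.2.200", "192.0.2.2"]}

if __name__ == "__main__":
    found = check_network("192.0.2.0/29", lambda ip: SAMPLE_PTR.get(ip, []),
                          lambda name: SAMPLE_A.get(name, []))
    print("\n".join(target_lines(found)))
```

Called without the two callbacks, `check_network` queries the system resolver instead of the sample tables.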
