OK It checks the *eventual* DNS server that actually resolves the query and is the vulnerable point in resolving DNS information for the machine whose keyboard you are using.
The major point being, it doesn't check the public DNS servers for your own domains. From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 30, 2008 5:44 PM To: NT System Admin Issues Subject: RE: DNS Vulnerability I don't think that's right. On my system here, IPCONFIG /ALL shows our internal DNS servers. When I run the test at DoxPara.com, it reports on the external forwarders that my DNS servers point to. Given that my DNS servers are NATted behind a firewall, I'm not sure how it could check them anyway. I can see how it might check for vulnerabilities in the NAT part of my firewall, but that's not the address it reports. .Tim From: Carl Houseman [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 30, 2008 2:20 PM To: NT System Admin Issues Subject: RE: DNS Vulnerability It tests the DNS server(s) which appear(s) under IPCONFIG /ALL. It does not check the DNS server(s) that are identified in the whois information for your domain. Carl From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 30, 2008 4:18 PM To: NT System Admin Issues Subject: DNS Vulnerability Is this a valid test for the recently disclosed DNS cache poisoning vulnerability? http://www.doxpara.com/ Do I understand correctly that this will test my internal and external DNS servers? Internal clients point to my internal DNS servers which then point to my ISP's (AT&T) name servers. Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _____ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
