Tool: PorkBind Nameserver Security Scanner
In light of the new DNS cache poisoning issue and now that everyone has had
plenty of time to apply patches, I've decided to release a new version of my
nameserver security scanner called porkbind. It is a multi-threaded nameserver
scanner that can recursively query nameservers of subdomains for version
strings. (i.e. sub.host.dom's nameservers then host.dom's nameservers)
After acquiring the version strings it tests them against version numbers
from CERT advisories and reports back to the user. Zone transfer
capability is also tested for. It is available for download at:
http://innu.org/~super/tools/porkbind-1.2.tar.gz
- Derek