I live in Brugge and I’m a member of Couchsurfing, I’m always interested in every initiative that provides tourists with interesting city information.
Recently I found a map from Use-It with some interesting “things to do”. I’ve put the map in my Evernote notes.
DNS amplification attacks have become pesky (see below for pointers on these kind of attacks). There’s an easy way to verify if there are nameservers on your network that allow recursive queries for the “world”
Do this from a machine outside of your network (if you’d launch it from a machine inside your network chances are high that your IP is part of an ‘allowed’ list in the NS-config, thus falsifying your results).
The tool to use is nmap. Nmap is a free and open source utility for network discovery and security auditing.
http://nmap.org/
Nmap allows for the use of scripts through the Nmap Scripting Engine. On a default install these scripts (that end in .nse) are installed in
/usr/local/share/nmap/scripts
The script we need is dns-recursion.nse. A recent version is in the nmap SVN. https://svn.nmap.org/nmap/scripts/dns-recursion.nse
The source reveals that the script probes for “www.wikipedia.org”. Change the script if you’d like to differentiate the requests in your logs.
The nmap command you need is
nmap -sU -p 53 -sV -P0 –script “dns-recursion” 1.2.3.4
-sU = UDP scan
-p 53 = only scan for port 53 (the “dns”-port)
-sV = Probe open ports to determine service/version info
-P0 = Treat all hosts as online
When the nameserver allows recursion, output similar to this will be returned:
PORT STATE SERVICE VERSION
53/udp open domain ISC BIND 9.7.0-P1
|_dns-recursion: Recursion appears to be enabled
Redirect the output of nmap to a file and then use grep to look for recursion. Note: as far as I could check, the XML or Normal output of nmap lose the nse script output.
DNS amplification attack pointers:
Why having an open resolver is a bad idea:
Graphs made with cudeso posts stats
By continuing to use the site, you agree to the use of cookies. more information
An HTTP cookie, is a small piece of text sent from a website and stored in your web browser. Cookies are a reliable mechanism for websites to remember your preferences and improve your browsing experience.
If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.