[Ilugc] [ILug-C][OT] DNS cache poisoning
- From: roshan@xxxxxxxxx (Roshan George)
- Date: Mon, 19 Mar 2012 14:10:15 +0530
On Sun, 2012-03-18 at 22:13 +0530, Yogesh Girikumar wrote:
Thanks. What I'm looking for is not a malware detector. I was looking
for
ways to find out if my "ISP's DNS servers have been poisoned"..
I remember using `namebench` to find a fast DNS server when the Airtel
servers were (predictably) being terribly slow. If you're looking for a
way to do what you want, that's a good place to start. It's unlikely
that _every_ DNS server (and there are many) that `namebench` has in
`/etc/namebench/hostname_reference.cfg` has been attacked so they're
likely to return different addresses.
There's the usual caveat that one domain can still point to multiple
addresses but you can probably still exhaust all the alternatives by
trying them enough times.
Of course if you are even worried that your ISP's DNS servers have been
poisoned just switch to using Google Public DNS or something and avoid
the problem. Having those attacked in a way that allows someone to lose
something is likely to cause such a huge fuss that you'll definitely
notice.
Regards,
--
Roshan George <roshan at arjie.com>
Other related posts:
