DNS Server Cache Snooping Remote Information Disclosure
Nessus Output Description The remote DNS server responds to queries for third-party domains that do not have the recursion bit set. This may allow a remote attacker to determine which domains have recently been resolved via this name server, and therefore which hosts have been recently visited. For instance, if an attacker was interested in […]Read More »Brute forcing DNS Records
Test Objectives Perform name lookups with a wordlist (dictionary attack) to identify services/hosts/websites in the target domain. Only applicable if Check for DNS zone transfer failed.Read More »Check for Reverse DNS lookup presence
Test Objective: Obtain valid server names and aliases for the IP addresses in the defined scope of the test. Only applicable if Check for DNS zone transfer failed.Read More »Check for DNS zone transfer
Test Objective Test if the authoritative nameservers are allowing zone transfers for the domains in scope.Read More »Check for DNS software version
Test Objective: Check if the DNS servers are vulnerable to version queries. Analyze the reported version for vulnerabilities and available exploits.Read More »