fpdns
February 12, 2008
When trying to determine the BIND version number remotely, usually something like:
dig @dnsserver.net version.bind txt ch
will give you what you need. However, the reported version is a configuration option that can be turned off or overridden; i.e., in named.conf they could have set the following:
options {
…
version "back off!";
…
};
And, uhh, yeah. That will return “back off!” for our version number, which isn’t very helpful.
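As an added example (not from the original post, BIND or fpdns), the Python below builds the same CHAOS-class TXT question that the dig command sends and decodes the answer from a constructed reply, which shows that the returned string is simply whatever the operator configured. The query ID, the helper names and the sample reply are assumptions made for illustration.

```python
import struct

CH, TXT = 3, 16  # CHAOS class and TXT record type, as in "txt ch"

def encode_name(name):
    """Encode a domain name as length-prefixed DNS labels."""
    labels = name.strip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(qid=0x1234, name="version.bind"):
    """Wire format of the question: one entry, RD flag set (qid is an assumed value)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack(">HH", TXT, CH)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if (n & 0xC0) == 0xC0:  # a compression pointer is 2 bytes and ends the name
            return off + 2
        off += 1 + n

def parse_version(msg):
    """Return the TXT text of the first answer, or None if there is no CH TXT answer."""
    _, _, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QNAME, QTYPE and QCLASS
    if an == 0:
        return None
    off = skip_name(msg, off)
    rtype, rclass, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
    if rtype != TXT or rclass != CH:
        return None
    rdata, out, i = msg[off + 10:off + 10 + rdlen], [], 0
    while i < len(rdata):  # TXT rdata is one or more length-prefixed strings
        n = rdata[i]
        out.append(rdata[i + 1:i + 1 + n].decode("ascii", "replace"))
        i += 1 + n
    return "".join(out)

def constructed_reply(query, text):
    """Constructed sample reply (not captured traffic): echoes the question, adds one TXT answer."""
    hdr = struct.pack(">HHHHHH", struct.unpack(">H", query[:2])[0], 0x8580, 1, 1, 0, 0)
    rdata = bytes([len(text)]) + text.encode("ascii")
    answer = b"\xc0\x0c" + struct.pack(">HHIH", TXT, CH, 0, len(rdata)) + rdata
    return hdr + query[12:] + answer
```
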
Enter fpdns.
From the man page:
fpdns is a program that remotely determines DNS server versions. It does this by sending
a series of borderline DNS queries which are compared against a table of responses and
server versions.

False positives or incorrect versions may be reported when trying to identify a set of
servers residing behind a load-balancing apparatus where the servers are of different
implementations, when a specific implementation behaves like a forwarder, behind a
firewall without stateful inspection or without Application Intelligence.
And it works pretty well from my preliminary tests.