DioNiSio, DNS Scanner

Intro	Download	Documentation	Links	Project Page

Links

Here I present some useful links to other pages for people interested in DNS protocol and DNS analyzing tools.

Technical info and other resources

• ISC BIND
  The BIND DNS Server is used on the vast majority of name serving machines on the Internet, providing a robust and stable architecture on top of which an organization's naming architecture can be built. The resolver library included in the BIND distribution provides the standard APIs for translation between domain names and Internet addresses and is intended to be linked with applications requiring name service.
• DNS related RFCs
  This is an annotated list of Requests for Comments (RFCs) that are directly relevant to DNS, the Domain Name System. 114 DNS-related RFC documents are reviewed here. Inter-document dependencies are listed for a further 20 obsolete DNS-related RFC documents, as well as to some RFCs that are not directly related to DNS.
• djbdns
  D.J. Bernstein developed djbdns, which is a collection of Domain Name System tools. He also has a lot of info about DNS in this page and a lot of stuff about DNS security. It is a must view for any interested in DNS security.

Utilities

• TXDNS
  It is a Win32 aggressive multithreaded DNS digger. Author claims that this program is capable of placing, on the wire, thousands of DNS queries per minute. TXDNS main goal, like DioNiSio, is to expose a domain namespace trough a number of techniques, but the main difference is that while DioNiSio is fully a free-software project (free & libre), TXDNS is closed source, propietary and only for Win32 platforms.
• Doc (Domain Obscenity Control)
  Doc is a program that diagnoses misbehaving domains by sending queries to the appropriate DNS nameservers and performing simple analysis on the responses. Doc verifies a domains proper configuration and it is functioning correctly.
• dnstracer
  dnstracer determines where a given Domain Name Server (DNS) gets its information from, and follows the chain of DNS servers back to the servers which know the data.
• Revhosts DNSBruteforce
  This tool is used to made a brute force on name resolution. The idea of that tool is to resolve all words dot domain name. To be more useful that tool use multi threading. We use one thread for each name server. Classical brute forcer are sequential. With that method we cut the dictionary in n blocks (n is the number of dns servers) and distribute these blocks to name servers.
• Fierce Domain Scan
  Fierce is a PERL script that quickly scans domains (usually in just a few minutes, assuming no network lag) using several tactics.

Word lists

• COTSE-Word Lists
  
• Paul Leyland Word Lists
  
• Packet Stom Word Lists
  
• Phreak.org word lists
  I recommend the list 'Net - Internet Machines' :)
• Word-List.com (free word lists)
  
• Outpost9 Word Lists
  See the list 'etc-hosts.zip'.

Other related things

• DNSDoSTester
  dnsdostester, Ultra fast winpcap based DNS Server query utility. You can send random A (host address) queries to a specified DNS Server. Source IP address spoofable, so requests sent to server totally anonymous.
• DNS Flood Detector
  DNS Flood Detector was developed to detect abusive usage levels on high traffic nameservers and to enable quick response in halting (among other things) the use of one's nameserver to facilitate spam. DNS Flood Detector uses libpcap (in non-promiscuous mode) to monitor incoming dns queries to a nameserver.
• DDNSF
  Distributed DNS Flooder v0.1b Powerful attack against DNS servers.

---

Copyright © 2006-2010 Gerardo García Peña
Verbatim copying and redistribution of this web page are permitted provided this notice is preserved. This page was updated on 2008-01-02 23:45:06 by gerardo.
This page uses valid XHTML 1.1 and CSS.