dnscacheaudit announcement
Manish Gupta - मनिष गुप्ता
manish at dbsentry.com
Fri Sep 26 14:31:40 UTC 2008
Hello All,
I am not sure whether it is a right forum for this announcement.
However, considering the fact that this list has users of bind as
subscribers, this announcement should be useful for them. If this is not
a right forum apologies in advance.
While patching our DNS servers to protect them from latest DNS
vulnerability, I felt a lack of DNS cache audit utility. After few days
Jose Avila released his CacheAudit utility. However, I wanted a utility
that could generate a audit report of the cache, which then could be
given to a security analyst for analysis.
I sat down and wrote dnscacheaudit utility in perl. It is a simple perl
utility to audit entries in the bind cache. At the end of the run this
utility creates a pdf report showing number of domain in the bind cache
that has different IP address in the cache from the reference servers.
This utility is inspired by CacheAudit utility by Jose Avila and is
released under BSD license.
I wrote this utility on Fedora Core 6 and tested against DNS cache from
bind that comes with Solaris 10.
It is hosted on sourceforge and can be downloaded from
http://dnscacheaudit.sourceforge.net
Word of encouragement/critic, etc would be highly appreciated.
Thanks and Regards
Manish
--
Manish Gupta
DBSentry Corp.
"Reducing Paper Storage"
703.568.3036
www.dbsentry.com
More information about the bind-users
mailing list