Quote:
Originally Posted by crockett
Any way to detect it other than happening to catch the redirect?
|
Actually yes.
Run a test at your DNS servers and check for recursion.
If they are open there it a pretty high chance that they are vulnerable to those attacks.
you can run a test using dnsstuff.com (sample url:
http://www.dnsstuff.com/tools/dnsrep...nstarjunky.com
)
Where you see:
Open DNS servers, it has to say: OK. Your DNS servers do not announce that they are open DNS servers.
If they are open, you might have a security risk.
I've found some old news regarding DNS problems, and that's somehow dirturbing to read, but it's still very actual (those tests where ran in 2005)
http://www.theinternetpatrol.com/mor...o-dns-pharming