HowTo use Dig to check if a DNS server is using random source ports

You can quickly test with dig if a DNS resolver is using random source ports for queries:
dig +short @<IP_DNS_SERVER> porttest.dns-oarc.net txt
for more details check out my post about this: “How to check if your DNS server implements source port randomization“

Tags: bind, dns, named, Security

Related Posts:

2 Responses to “HowTo use Dig to check if a DNS server is using random source ports”

1
Thet Paing
10th February 2009, 10:23
Why we have to test?
2
- Marius -
10th February 2009, 21:14
@Thet Paing: to quickly see (remotely) if you need to fix this or not.

Leave a Reply

« Prev: MySQL 5.1.30-GA released, but still beta quality…

Next: DEB_BUILD_OPTIONS=nocheck »

Marius on Twitter

I'm at California's Great America (4701 Great America Pkwy, at Old Glory Ln, Santa Clara) w/ 3 others. http://4sq.com/4L6eSk 22 hrs ago
. @google why not change the google frontpage to show this event as on other ocasions? #sysadmin 23 hrs ago
RT @Pressflow: #Pressflow now has official, full-history, automatically synchronized mirrors for #Subversion and #git http://is.gd/dS4Xo 1 day ago
I'm attending: High Availability at Yahoo!: Building Web Sites that Don't Go Down on Meetup http://meetup.com/u/8pp 1 day ago
More updates...

Recent Posts