Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 30 November 2024, 05:30:19 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  DNS external attacks
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: DNS external attacks  (Read 16342 times)
phqr58
Full Member
***
Offline Offline

Gender: Male
Posts: 31


« on: Friday 02 October 2015, 02:29:15 am »

I've been testing against external attacks. No meeting as blocking DNS attack.

The following link shows that vulnerable ENDIAN

http://openresolver.com/
Logged
christophel77
Jr. Member
*
Offline Offline

Posts: 4


« Reply #1 on: Tuesday 10 November 2015, 09:23:46 pm »

Hi

try this command

iptables -A INPUT -p udp --dport 53 -m u32 --u32 "0x28=0x0000ff00"

iptables -A INPUT -p udp --dport 53 -m u32 --u32 "0x28=0x03697363 && 0x2c=0x036f7267"

iptables -A INPUT -p udp --dport 53 -m u32 --u32 "0x28=0x02646b00"




Logged
mmiat
Sr. Member
****
Offline Offline

Gender: Male
Posts: 236


WWW
« Reply #2 on: Tuesday 10 November 2015, 11:10:03 pm »

sorry but I've not understood
if I check an ip from a network that uses Endian and it detects vulnerability, this means that my endian is vilnerable?
thanks
Logged

---------------------
IT Consultant
www.fsw.it
Hardware & Software
Timmeh
Full Member
***
Offline Offline

Posts: 34


« Reply #3 on: Sunday 22 November 2015, 12:58:04 am »

i think this test only check if the dns server allows recursive queries and therefore enabling dns amplification...

not vunerable just open to abuse
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com