Find out DNS Server Version With DNS Server Fingeprinting tool

by on September 27, 2007 · 1 comment· LAST UPDATED September 29, 2007

in , ,

By hiding out DNS server version number you can improve server security. fpdns is a program that remotely determines DNS server versions. It does this by sending a series of borderline DNS queries which are compared against a table of responses and server versions. (just like nmap command’s remote OS detection facility).

A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behavior of different DNS implementations is expected to be the same.

Install fpdns

Debian / Ubuntu user, enter the following command:
$ sudo apt-get install fpdns
FreeBSD user, either use ports or binary package:
$ pkg_add -v -r fpdns
Alternatively grab source code from official web site.

Howto remotely determine DNS server version

To determine DNS server version for domain nixcraft.com, enter:
$ fpdns -D nixcraft.com
Output:

fingerprint (nixcraft.com, 64.202.165.116): bboy MyDNS
fingerprint (nixcraft.com, 208.109.80.52): bboy MyDNS 

You can easily find out if recursion enabled or not:
$ fpdns ns1.vnsl.com.
Output:

fingerprint (ns1.vnsl.com., 69.60.111.228): ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]  

To read list of servers from key board, enter:
$ fpdns -
Output:

ns2.vnsl.com
fingerprint (ns2.vnsl.com, 64.85.160.11): ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]
ns1.softlayer.com
fingerprint (ns1.softlayer.com, 66.228.118.8): ISC BIND 9.2.3rc1 -- 9.4.0a0
ns.yahoo.com
fingerprint (ns.yahoo.com, 66.218.71.63): ISC BIND 8.3.0-RC1 -- 8.4.4
ns1.google.com
fingerprint (ns1.google.com, 216.239.32.10): ISC BIND 8.3.0-RC1 -- 8.4.4 

Further readings

=> Read fpdns man page.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!
1 Ulver October 28, 2009 at 9:09 pm

really nice stuff dear vivek , thanks a lot !

Comments on this FAQ are closed. If you'd like to continue the discussion on this topic, you can do so at our forum.

Tagged as: , , ,

Previous post:

Next post: