Verify DNS Cache Poisoning Bug Using Windows XP / Vista / 2003 / 2008 System Command Prompt

by on July 24, 2008 · 1 comment· LAST UPDATED July 24, 2008

in , ,

I already wrote about verifying your own or ISP recursive resolvers using dig command under Linux and UNIX. However, most windows users don't have dig command installed. You can use nslookup command as follows (open dos prompt by visiting Start > Run > type "cmd" > Enter:
nslookup -type=txt -timeout=30 porttest.dns-oarc.net
nslookup -type=txt -timeout=30 porttest.dns-oarc.net ns1.your-isp.com
nslookup -type=txt -timeout=30 porttest.dns-oarc.net NS-SERVER-IP

You must see the word GOOD otherwise your dns is open to attack.

Check DNS Cache Poisoning Under Windows Xp / Vista / Server Edition using nslookup command

Check DNS Cache Poisoning Under Windows Xp / Vista / Server Edition using nslookup command

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 1 comment… read it below or add one }

1 Kiran August 16, 2009 at 3:23 am

Great command, it will surely help new admin to be perfect in DNS side. Can you explain what is porttest.dns-oarc.net exactly ? may be Checking our resolver’s source port behavior???? Any alternate service from this.

Reply

Leave a Comment

Tagged as: , , , , , , ,

Previous post:

Next post: