≡ Menu

Verify DNS Cache Poisoning Bug Using Windows XP / Vista / 2003 / 2008 System Command Prompt

I already wrote about verifying your own or ISP recursive resolvers using dig command under Linux and UNIX. However, most windows users don't have dig command installed. You can use nslookup command as follows (open dos prompt by visiting Start > Run > type "cmd" > Enter:
nslookup -type=txt -timeout=30 porttest.dns-oarc.net
nslookup -type=txt -timeout=30 porttest.dns-oarc.net ns1.your-isp.com
nslookup -type=txt -timeout=30 porttest.dns-oarc.net NS-SERVER-IP

You must see the word GOOD otherwise your dns is open to attack.

Check DNS Cache Poisoning Under Windows Xp / Vista / Server Edition using nslookup command

Check DNS Cache Poisoning Under Windows Xp / Vista / Server Edition using nslookup command

Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

Comments on this entry are closed.

  • Kiran August 16, 2009, 3:23 am

    Great command, it will surely help new admin to be perfect in DNS side. Can you explain what is porttest.dns-oarc.net exactly ? may be Checking our resolver’s source port behavior???? Any alternate service from this.