Verify DNS Cache Poisoning Bug Using Windows XP / Vista / 2003 / 2008 System Command Prompt

last updated July 24, 2008 in BIND Dns, Sys admin, Tips, Windows, Windows server, windows vista

I already wrote about verifying your own or ISP recursive resolvers using dig command under Linux and UNIX. However, most windows users don’t have dig command installed. You can use nslookup command as follows (open dos prompt by visiting Start > Run > type “cmd” > Enter:
nslookup -type=txt -timeout=30 porttest.dns-oarc.net nslookup -type=txt -timeout=30 porttest.dns-oarc.net ns1.your-isp.com nslookup -type=txt -timeout=30 porttest.dns-oarc.net NS-SERVER-IP
You must see the word GOOD otherwise your dns is open to attack.

Check DNS Cache Poisoning Under Windows Xp / Vista / Server Edition using nslookup command

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

1 comment

Kiran says:
August 16, 2009 at 3:23 am
Great command, it will surely help new admin to be perfect in DNS side. Can you explain what is porttest.dns-oarc.net exactly ? may be Checking our resolver’s source port behavior???? Any alternate service from this.

Have a question? Post it on our forum!

Tagged as: CVE-2008-1447, dos prompt, nslookup command, porttest, resolvers, server ip, windows users, windows xp