fluidasserts.proto.dns module

This module allows to check vulnerabilities in DNS systems.

fluidasserts.proto.dns.can_amplify(nameserver)

Check if nameserver allows amplification attacks.

Parameters

nameserver (str) – IPv4 or 6 to test.

Return type

bool

fluidasserts.proto.dns.has_cache_poison(domain, nameserver)

Check if cache poisoning is possible.

The check is made by looking DNSSEC records.

Parameters
  • domain (str) – Name of the zone to transfer.

  • nameserver (str) – IPv4 or 6 to test.

Return type

bool

fluidasserts.proto.dns.has_cache_snooping(nameserver)

Check if nameserver has cache snooping.

(supports non recursive queries) :type nameserver: str :param nameserver: IPv4 or 6 to test.

Return type

bool

fluidasserts.proto.dns.has_recursion(nameserver)

Check if nameserver has recursion enabled.

Parameters

nameserver (str) – IPv4 or 6 to test.

Return type

bool

fluidasserts.proto.dns.is_dynupdate_enabled(domain, nameserver)

Check if zone updating is enabled.

Parameters
  • domain (str) – Name of the zone to transfer.

  • nameserver (str) – IPv4 or 6 to test.

Return type

bool

fluidasserts.proto.dns.is_xfr_enabled(domain, nameserver)

Check if zone transfer is enabled.

Parameters
  • domain (str) – Name of the zone to transfer.

  • nameserver (str) – IPv4 or 6 to test.

Return type

bool