Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Penetration Testing Bootcamp Quickly get up and running with pentesting techniques

Product type Paperback

Published in Jun 2017

Publisher Packt

ISBN-13 9781787288744

Length 258 pages

Edition 1st Edition

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Jason Beltrame

View More author details

Table of Contents (11) Chapters

Preface

1. Planning and Preparation

2. Information Gathering FREE CHAPTER

3. Setting up and maintaining the Command and Control Server

4. Vulnerability Scanning and Metasploit

5. Traffic Sniffing and Spoofing

6. Password-based Attacks

7. Attacks on the Network Infrastructure

8. Web Application Attacks

9. Cleaning Up and Getting Out

10. Writing Up the Penetration Testing Report

Checking for DNS recursion with NSE

DNS recursion isn't typically an issue, but if you allow outside hosts to use your internal DNS servers for recursion, you are setting yourself up for potential attacks. DNS amplification attacks can be leveraged using these types of setup, where hackers will use these DNS servers to send spoofed requests to them, and they will respond back to the original host and, if there are a large number of these, a DDOS situation.

To check for DNS recursion, we can use Nmap with the NSE engine. The command is straightforward, as we will do a UDP scan on port 53 and turn on the recursive script with the command nmap -sU -p53 -script=dns-recursion HOST.

In this example, the DNS server is correctly set up as they do not allow DNS recursion:

root@pi-kali:~# nmap -sU -p53 --script=dns-recursion NS.XXX.NET
Starting Nmap 7.40 ( https://nmap.org ) at 2017...

You have been reading a chapter from

Penetration Testing Bootcamp

Published in: Jun 2017

Publisher: Packt

ISBN-13: 9781787288744

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at AU $24.99/month. Cancel anytime

Authors (1)

Jason Beltrame

Jason Beltrame is a Systems Engineer for Cisco, living in the Eastern Pennsylvania Area. He has worked in the Network and Security field for 18 years, with the last 2 years as a Systems Engineer, and the prior 16 years on the operational side as a Network Engineer. During that time, Jason has achieved the following certifications: CISSP, CCNP, CCNP Security, CCDP, CCSP, CISA, ITILv2, and VCP5. He is a graduate from DeSales University with a BS in Computer Science. He has a passion for security and loves learning. In his current role at Cisco, Jason focuses on Security and Enterprise Networks, but as a generalist SE, he covers all aspects of technology. Jason works with commercial territory customers, helping them achieve their technology goals based on their individual business requirements. His 16 years of real-world experience allows him to relate with his customers and understand both their challenges and desired outcomes.

See other products by Jason Beltrame