7 posts about

Root DNS Servers Experienced DDoS Attack with 5 Million Queries per Second

A report from Root [DNS] Server Operations or rootops published on December 4th, 2015 stated that the Internet Domain Name System’s root name servers received a high rate of DNS queries over two separate intervals. The incidents occurred on November 30, 2015 and December 1st, 2015. The queries were “well-formed, valid DNS messages for a single domain...
Read More

Big day for exploits

Nearly 90 percent of Android devices vulnerable to endless reboot bug.- Exploits a flaw in Android media players when running .mkv files only. The vulnerability affects Android versions 4.0.1 to 5.1.1 Google has already patched the vulnerability. http://www.scmagazine.com/yet-another-dos-vulnerability-affects-android-devices/article/430661/ Revamped RIG exploit kit infects 1 million PCs (27,...
Read More

Bind DNS Server major flaw could let a script kiddie bring down large number of DNS servers

BIND is most widely used DNS Server to date. A major flaw was found in BIND’s versions from 9.1.0 to 9.8.x, 9.9.0 to 9.9.7-P1, and 9.10.0 to 9.10.2-P2. (CVE-2015-5477) Attackers can exploit it by sending vulnerable servers a malformed packet that’s quite easy to...
Read More

OSSEC Alert On New Files

OSSEC Alert On New Files thumbnail
A colleague came to me today complaining about how tons of malicious .php files are showing up in his Apache directory. After talking to him about vulnerability testing against his website, I suggested he take a look at OSSEC for its system and file integrity checks. OSSEC has the ability to alert you if contents of a system...
Read More

Automate DNS Zone Transfer

/bin/bash #Simple zone transfer bash script with $1 being first argument given #Tested against zonetransfer.me #for example ./zonetransfer.sh zonetransfer.me if [ -z "$1" ];then echo "[] Simple Zone Transfer script" echo "[] Usage : $0 " exit 0 fi #if argument was given, identify DNS servers for domain. #For each of these servers, attempt a zone transfer for server...
Read More

The author would love to hear your comments. Let us discuss at Twitter @hashtaginfosec.