Massive DNS open relay scanner

License

GPL-2.0, GPL-3.0 licenses found

Licenses found

GPL-2.0
LICENSE
GPL-3.0
COPYING
koushui/namescan

This branch is 15 commits behind crondaemon/namescan:master.

Latest commit

e5a030c · Sep 26, 2014

namescan

Massive DNS open relay scanner

Namescan is a massive port scanner designed specifically for finding open relays. A relay is a DNS server that makes queries on behalf of another host. When it makes them for any IP on the Internet, it is called an open relay.

Namescan works in a very similar way to scanrand, zmap or masscan. But while they are port scanners, namescan is an application scanner. It doesn't just check that the port is open: it makes a recursive query for a custom domain and checks the answer.

It can also spoof the source address, making it the actual tool for a complete DNS reflection attack.

COMPILATION

To compile, just issue the following commands:

autoreconf -i
./configure
make

USAGE

namescan 0.1.2 - massive DNS scanner

Usage: ./namescan [-i <iface>] [-v] [-s <source>] [-d <delay>] [-t <timeout>] 
    [-o <outfile>] [-n <domain name>] [-q <type>] [-c <class>] [-r] [-l <level>] 
    [-e] <addresses to scan>
  • -i: the interface to use. If not specified, the first available interface will be used
  • -v: verbose mode
  • -s: the source IP address to use. Default: the current interface IP.
  • -d: delay between packets. Default: 0.
  • -t: timeout after last probe. Default: 3 secs.
  • -o: optional output file for results.
  • -n: optional domain name to probe. Default: current hostname.
  • -q: query type. Default: 1.
  • -c: query class. Default: 1.
  • -r: do not randomize targets.
  • -l: show only relays that are above this amplification ratio.
  • -e: do not add EDNS0 record
  • ip address(es) to scan. See below.

The addresses to scan can be specified as a comma-separated list of CIDR addresses. Example: 8.8.8.8/24,9.9.9.9/16, or 8.8.4.4.
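The answer check and the -l threshold described above can be illustrated on the receiving side alone. The following is an added example, not namescan's own code: all names are hypothetical, the sample headers are constructed, and the amplification ratio is assumed to mean reply bytes divided by query bytes, which the README does not define.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names throughout; this is not namescan's code. */
enum verdict { NOT_A_REPLY, ERROR_RCODE, NO_RECURSION, OPEN_RELAY };

/* Constructed 12-byte DNS headers (RFC 1035 section 4.1.1), ID 0x1234. */
static const uint8_t SAMPLE_OPEN[12]     = {0x12,0x34, 0x81,0x80, 0,1, 0,1, 0,0, 0,0};
static const uint8_t SAMPLE_REFUSED[12]  = {0x12,0x34, 0x81,0x05, 0,1, 0,0, 0,0, 0,0};
static const uint8_t SAMPLE_REFERRAL[12] = {0x12,0x34, 0x81,0x00, 0,1, 0,0, 0,13, 0,0};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Classify the reply to a query sent with RD=1 for a name that is assumed
 * to exist and for which the probed server is not authoritative. */
enum verdict classify_reply(const uint8_t *pkt, size_t len, uint16_t query_id)
{
    uint16_t flags;
    if (pkt == NULL || len < 12) return NOT_A_REPLY;  /* truncated header */
    if (be16(pkt) != query_id)   return NOT_A_REPLY;  /* ID mismatch */
    flags = be16(pkt + 2);
    if (!(flags & 0x8000))       return NOT_A_REPLY;  /* QR=0: a query */
    if (flags & 0x000F)          return ERROR_RCODE;  /* REFUSED, SERVFAIL, ... */
    if (!(flags & 0x0080))       return NO_RECURSION; /* RA=0 */
    if (be16(pkt + 6) == 0)      return NO_RECURSION; /* ANCOUNT=0, e.g. referral */
    return OPEN_RELAY;
}

/* Assumed definition: UDP payload bytes returned per payload byte sent. */
double amplification_ratio(size_t query_len, size_t reply_len)
{
    return query_len ? (double)reply_len / (double)query_len : 0.0;
}

/* Report only servers that recursed and meet the threshold (cf. -l). */
int should_report(enum verdict v, size_t qlen, size_t rlen, double min_ratio)
{
    return v == OPEN_RELAY && amplification_ratio(qlen, rlen) >= min_ratio;
}

int main(void)
{
    const uint8_t *s[] = {SAMPLE_OPEN, SAMPLE_REFUSED, SAMPLE_REFERRAL};
    for (int i = 0; i < 3; i++) {
        enum verdict v = classify_reply(s[i], 12, 0x1234);
        printf("sample %d: verdict=%d report=%d\n", i, (int)v, should_report(v, 40, 400, 5.0));
    }
    return 0;
}
```

A resolver you operate that classifies as OPEN_RELAY when queried from outside its client networks should have recursion restricted to those clients. Replies measured with and without the EDNS0 record (-e) can differ in size, so compare ratios only between runs that use the same setting.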

Related Projects

dines: the definitive DNS packet forger

Languages

  • C 97.9%
  • C++ 2.1%