TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

WhiteHat Security releases free tool to monitor DNS hijackings

DNS or Domain Name System is responsible for translating a domain name such as “Bing.com” to its corresponding IP address. The IP address consists of numbers that give a unique identification to any domain. With DNS holding such a critical significance it is often abused by hackers or malware programs to gain unauthorized access to your computer.

DNS hijacking

With control over the DNS, hijackers can translate the domain name of genuine websites like Banks, Financial institutions, Social Networking, and more to IP addresses of malicious webpages.  Thus, as a user, you will be directed to a fake website instead of the original one and your personal information could be at risk.

It is important to monitor and have protective measures against DNS Hijackings. Whitehat Security has released one such tool called as dnstest.pl.

WhiteHat’s dnstest.pl Tool

WhiteHat Security has released a free tool that lets you monitor whether your DNS servers have been hijacked.  The tool called as “dnstest.pl” (a Perl script) can run out of cron and can monitor one or more hostname-to-IP-address pairs of sites that are critical to you. In case anything happens, the tool will send you an alert via email informing of the threat.

dnstest.pl is a lightweight application and can be easily set up.

  • Make sure you have Net::DNS installed.
  • Edit dnstable.dat and remove the example and replace it with your own. Make sure you use tabs to delimit the strings.
  • Edit dnstest.pl and change the lines $config to match the path of your configuration file. And change the $mail to be your email address where you want alerts sent.
  • Add it to crontab (using crontab -e) with a string similar to this: 0 * * * * /usr/bin/perl /path/to/dnstest.pl >/dev/null. This will run it once an hour, at the top of the hour. You can change it to whatever works best for you, of course.
  • TEST IT! Change dnstable.dat to an incorrect IP address and wait for the alert to come in.  If it doesn’t come in within an hour, you’ve messed something up.

WhiteHat recommends that its users to go through the above instructions at the time of installation.

Updated on Tags:

AnkitGupta@TWCN

Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.