Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Tools to check network ranges for open recursive DNS servers
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
src forgot to add the history directory
.gitignore
AUTHORS.txt
LICENSE.txt
README.md

README.md

open-recursor-check

Tools to check network ranges for open recursive DNS servers An example of the scripts' output can be seen at http://ormon.funkfeuer.at/

Installation

Prerequisites

python 2.6 or higher python-json rrdtool

These scripts were tested on Debian squeeze (6.0.7)

Preparations

First create the RRD database:

$ ./init.sh

Configuration

Then specify the IP ranges which should be scanned:

$ vi  scan-my-net.py

Example:

ranges=["192.168.0.0/24","10.0.0.0/16"]

Change the ranges to your needs

Testing

Make a test run: $ ./scan-my-net.py

This should give you an output similar to:

akaplan@0xffshell:~/openrecursors/scanning$ ./scan-funkfeuer.py
[<ip.Range instance at 0x24174d0>, <ip.Range instance at 0x2417320>]
test:DNS Recursor, ip: 193.238.156.0, result:False
test:DNS Recursor, ip: 193.238.156.1, result:False
test:DNS Recursor, ip: 193.238.156.2, result:False
test:DNS Recursor, ip: 193.238.156.3, result:False
test:DNS Recursor, ip: 193.238.156.4, result:False
test:DNS Recursor, ip: 193.238.156.5, result:False
test:DNS Recursor, ip: 193.238.156.6, result:False

Terminate the scan with Ctrl-C or Ctrl-Z and kill %1

If you see some error messages, there is something wrong with your python setup

Permanent installation

Add scan-my-net.py to your crontab:

0  3  *   *   *     ( /home/akaplan/openrecursors/scanning/doit.sh  > /dev/null )

(change the paths according to your installation)

Test the graphs

init.sh can generate the graphs based on the RRD data. symlink the graphs to your webservers' DocumentRoot. Now you can see them online :)

Open issues and further research

1) Currently, the init.sh file re-creates the .rrd database completely and re-plots every RRD graph . This is inefficient.

2) scanning the network should be done in parallel. Look at 0-mq and related technologies for parallelizing this.

Something went wrong with that request. Please try again.