Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hackeroneWaqar_vickyH1:115246
HistoryFeb 07, 2016 - 7:49 p.m.

Paragon Initiative Enterprises: DNSsec not configured

2016-02-0719:49:58
waqar_vicky
hackerone.com
14
JSON

Description:

I found out that there is no DNSSEC configured on your webserver to prevent DNS related attacks. This is an issue that would allow attackers to target your DNS directly The Domain Name System Security Extensions (DNSSEC) is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks. It is a set of extensions to DNS which provide to DNS clients (resolvers) origin authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality. You guys have not become popular among web vendors this is one thing that you should take under consideration Hope this helps

Steps to reproduce:

http://dnssec-debugger.verisignlabs.com/paragonie.com

Check the above results for paragonie.com

And from the local server visit this URL https://dnssectest.sidnlabs.nl/test.php It will also show you that you are not protected against DNSsec related attack

Suggested fix
Enable DNSsec.

Regards:
Vicky

JSON