2021-07-22 08:41:50 +00:00
id : dnssec-detection
info :
name : DNSSEC Detection
2022-03-14 13:44:54 +00:00
description : Domain Name System Security Extensions (DNSSEC) are enabled. The Delegation of Signing (DS) record provides information about a signed zone file when DNSSEC enabled.
2021-07-22 08:41:50 +00:00
author : pdteam
severity : info
tags : dns,dnssec
2022-03-14 13:44:54 +00:00
reference :
- https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en
- https://www.cyberciti.biz/faq/unix-linux-test-and-validate-dnssec-using-dig-command-line/
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score : 0.0
cve-id :
cwe-id : CWE-200
2021-07-22 08:41:50 +00:00
dns :
- name : "{{FQDN}}"
type : DS
extractors :
- type : regex
group : 1
regex :
- "IN\tDS\t(.+)"
2022-03-14 13:44:54 +00:00
# Enhanced by mp on 2022/03/14