Maybe you have heard about verisign 'hijacking' all previously unresolved dns names and redirecting it to their own web sites, that this makes it hard for anti-spam software to tell the difference between real domains and phony ones, but think about this:
You put some ip addresses in nessus, you select 'do reverse dns'. The ip addresses resolve to a dns name that DOESN'T resolve. Now you are doing penetration tests against verisign's server since ALL unresolved names now are owned by verisign. You may wish to firewall all outgoing connections to 64.94.110.11 and/or place a 'deny 64.94.110.11' rule in your nessusd.conf file to prevent you from accidentally running nessus against verisign's server. For references you may look at these articles. 'http://www.zdnet.com.au/newstech/communications/story/0,2000048620,20278673,00.htm' 'http://news.zdnet.co.uk/business/0,39020645,39116436,00.htm' -- Michael Scheidell SECNAP Network Security 561-368-9561 x 1131 www.secnap.com
