DNS fingerprinting tool

fpns is a program that remotely determines DNS server versions. It does this by sending a series of borderline DNS queries which are compared against a table of responses and server versions. False positives or incorrect versions may be reported when trying to identify a set of servers residing behind a load-balancing apparatus where the servers are of different implementations, when a specific implementation behaves like a forwarder, behind a firewall without statefull inspection or without Application Intelligence.
DNS fingerprinting Tool - Download: DNS-Fingerprint

Methodology


We use series of "borderline" query-response messages to identify implementations. Series of query-response messages form a sequence. As mentioned, responses to a "borderline" query is used in this method. To be somewhat efficient, a tree can be constructed which consists of queries (nodes) and responses (branches), where the leave nodes identify the implementation.
Every path, from the root node (initial query) to a leave node (final query) is a sequence or "strain". The strains are used to distinguish between, and as said, ultimately identify implementations.