DNS Server Listed in Known Bot Database

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

According to a third-party database, the remote host is using
a DNS server that is listed as part of a botnet.

Description :

The remote host is using one or more DNS servers that are listed in a
public database as part of a botnet. This could cause requests for
legitimate websites and hostnames to be routed to attacker-controlled
machines. This also suggests that this host may have been
compromised.

See also :

https://support.tenable.com/support-center/index.php?x=&mod_id=2&id=518

Solution :

Investigate the DNS server settings and reinstall the remote system from
scratch if appropriate.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: General

Nessus Plugin ID: 58429 ()

Bugtraq ID:

CVE ID: