Watch your DNS records day and night with Nagios plugins


Domain records are the most visible, vulnerable, and many times crucial asset of a company. Attackers do not need to break through your firewall protection, or find and develop exploits for software running on your server, to cut your company off from mail: it is enough for them to cause a change to the MX record and it's done, no incoming mail. I've seen a real-life example of this happening with a huge company, when due to a human error made to the MX record that went unnoticed the company didn't get mail. While there are companies making millions on protecting domains (do a whois on Google.com or Facebook.com to see an example), you can at least spot potential problems automatically in no time with Nagios. The plugin to watch a DNS record is called check_dns and works this way: you configure which hostname to query and what the IP address for it should be. If the IP returned doesn't match the one configured, the Critical condition occurs and an alert is fired.
This is the simplest possible check, a hostname-to-IP mapping; more advanced checks are possible with the check_dig plugin.
Example: if the IP of the hostname mx20.013net.net, which handles mail for my provider, changes from 194.90.9.19 when queried through the DNS server 8.8.8.8, the alert will be sent:
check_dns -H mx20.013net.net -a 194.90.9.19 -s 8.8.8.8
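
The check_dns example above watches one hostname-to-IP mapping; the MX-record change described earlier can be watched the same way. The following is an added example, not part of the original post and not a stock Nagios plugin: a small shell check that compares a domain's MX set against an expected list and returns Nagios exit codes. The script name, its arguments, and the example.com records used to exercise it are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical check_mx.sh): Nagios-style MX record check.
# Nagios plugin exit codes: 0 = OK, 2 = CRITICAL, 3 = UNKNOWN.

# Normalise "PREF HOST" lines: lowercase, collapse whitespace, strip the
# trailing root dot, drop blank lines, sort so answer order is irrelevant.
normalize_mx() {
    printf '%s\n' "$1" | tr 'A-Z' 'a-z' \
        | sed -e 's/[[:space:]]\{1,\}/ /g' -e 's/^ //' -e 's/ $//' \
              -e 's/\.$//' -e '/^$/d' \
        | LC_ALL=C sort -u
}

# compare_mx DOMAIN EXPECTED ACTUAL
# Prints a one-line status and returns the Nagios exit code.
compare_mx() {
    domain=$1
    expected=$(normalize_mx "$2")
    actual=$(normalize_mx "$3")
    if [ -z "$actual" ]; then
        # An empty answer (NXDOMAIN, deleted records) also stops incoming mail.
        echo "CRITICAL - $domain returned no MX records"
        return 2
    fi
    if [ "$expected" = "$actual" ]; then
        echo "OK - $domain MX records match"
        return 0
    fi
    echo "CRITICAL - $domain MX changed: expected [$(printf '%s' "$expected" | tr '\n' ',')] got [$(printf '%s' "$actual" | tr '\n' ',')]"
    return 2
}

# Usage: check_mx.sh DOMAIN "PREF HOST[,PREF HOST...]" [RESOLVER]
# The resolver defaults to 8.8.8.8, the server used in the check_dns example.
if [ "$#" -ge 2 ]; then
    command -v dig >/dev/null 2>&1 || { echo "UNKNOWN - dig not found"; exit 3; }
    resolver=${3:-8.8.8.8}
    answer=$(dig +short +time=5 +tries=2 MX "$1" "@$resolver") \
        || { echo "UNKNOWN - dig failed for $1"; exit 3; }
    compare_mx "$1" "$(printf '%s' "$2" | tr ',' '\n')" "$answer"
    exit $?
fi
```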

Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.