| ||
Because the sin of trusting the name server information is generally something built into the design of the application, we cant give you a specific list of things to check for during code review. There are some areas that can be red flags anywhere you see a hostname being consumed or a call to gethostbyaddr (or the new IPv6-friendly version), you need to think about what happens to the app if this name isnt reliable.
A second thing to consider is what network protocol is used for communications. It is a lot harder to spoof a TCP connection than the source of a UDP packet. If your application is using UDP as a transport, then you could be getting data from virtually anywhere, whether the DNS system is corrupted or not. In general, it is best to avoid using UDP.