Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to obtain hostname lists

From: Harlan Carvey <keydet89 () yahoo com>
Date: Tue, 28 Sep 2004 09:36:43 -0700 (PDT)
None of this is really magic, and is publicly
available via a variety of sources...


I would like to know what techniques can Intruders
use to obtain a lists 
of hostname and attack them with exploits code?
For example, a huge list like:
www.foo.com
www.bar.com


Scanning, mostly.  Also, DNS zone transfers, but many
times it's just plugging a class C or B address range
into a scanner and hitting enter.


And so on. Also, they can have a lists with certain
criteria in common 
(os, httpdver) and do a more selective attack. I
want to know how they 
can obtain hostnames asnd create a huge database for
potencial host victims?


Besides the usual scanning techniques, throw Googling
and searches via Netcraft for httpd's into the mix.


=====
------------------------------------------------------------------------
Harlan Carvey, CISSP
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://groups.yahoo.com/group/windowsir/
------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: