Full Disclosure mailing list archives
Re: How to obtain hostname lists
From: Harlan Carvey <keydet89 () yahoo com>
Date: Tue, 28 Sep 2004 09:36:43 -0700 (PDT)
None of this is really magic, and is publicly available via a variety of sources...
I would like to know what techniques can Intruders use to obtain a lists of hostname and attack them with exploits code? For example, a huge list like: www.foo.com www.bar.com
Scanning, mostly. Also, DNS zone transfers, but many times it's just plugging a class C or B address range into a scanner and hitting enter.
And so on. Also, they can have a lists with certain criteria in common (os, httpdver) and do a more selective attack. I want to know how they can obtain hostnames asnd create a huge database for potencial host victims?
Besides the usual scanning techniques, throw Googling and searches via Netcraft for httpd's into the mix. ===== ------------------------------------------------------------------------ Harlan Carvey, CISSP "Windows Forensics and Incident Recovery" http://www.windows-ir.com http://groups.yahoo.com/group/windowsir/ ------------------------------------------------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- How to obtain hostname lists fabio (Sep 28)
- Re: How to obtain hostname lists Harlan Carvey (Sep 28)
- Message not available
- Re: How to obtain hostname lists fabio (Sep 28)
- Re: How to obtain hostname lists Harlan Carvey (Sep 28)
- Re: How to obtain hostname lists fabio (Sep 28)
- RE: How to obtain hostname lists pingywon MCSE (Sep 28)
- <Possible follow-ups>
- How to obtain hostname lists str0ke (Sep 28)
- RE:How to obtain hostname lists RandallM (Sep 28)
- Wireless client attacking tool hotspotter 0.4 released Max Moser (Sep 28)