Nmap Development mailing list archives

Re: DNSSEC NSEC howto

From: John Bond <john.r.bond () gmail com>
Date: Fri, 25 Feb 2011 09:50:11 +0100

On 25 February 2011 05:31, David Fifield <david () bamsoftware com> wrote:

I wanted to try out John's NSEC enumeration scritp without abusing
public servers. Here's a quick howto on setting up BIND to serve NSEC
records locally on Debian.

Thanks David

ldnsutils also has ldns-walk which does the same job as this
script.

I would be interested to see What peoples experiences are with this
When testing on a complex zone my script seems to find more entries.
i.e. on the zone im testing my script gets 2612 results ldns-walk gets
1725.  I think i know why this is but will have to check the ldns
source tonight

I also noticed last night that my script breaks if the zone has a
wildcard entry, again ill take a look at this over the weekend
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: NSEC Enumeration script, (continued)
- - - Re: NSEC Enumeration script David Fifield (Mar 25)
    - Re: NSEC Enumeration script John Bond (Mar 25)
    - Re: NSEC Enumeration script David Fifield (Mar 25)
    - Re: NSEC Enumeration script John Bond (Mar 15)
    - Re: NSEC Enumeration script John Bond (Mar 17)
    - Re: NSEC Enumeration script David Fifield (Mar 17)
    - Re: NSEC Enumeration script John Bond (Mar 17)
    - Re: NSEC Enumeration script John Bond (Mar 17)
    - Re: NSEC Enumeration script John Bond (Mar 17)
    - DNSSEC NSEC howto David Fifield (Feb 24)
    - Re: DNSSEC NSEC howto John Bond (Feb 25)
    - Re: DNSSEC NSEC howto John Bond (Feb 25)
    - Re: DNSSEC NSEC howto David Fifield (Feb 26)
    - Re: DNSSEC NSEC howto John Bond (Feb 26)
    - Re: DNSSEC NSEC howto John Bond (Feb 25)
- Re: NSEC Enumeration script: license text David Fifield (Mar 03)