Penetration Testing mailing list archives

RE: Several Domains

From: "Ahmed Zaki" <ahmedmzaki () gmail com>
Date: Fri, 12 Dec 2008 03:33:32 -0000

Thanks for your reply . 

Apparently its my fault I should have made my question clearer. 

Your target is Company X . The ip of the mail server turned to be
xxx.xxx.xxx.xxx and that when used to do a reverse DNS lookup gave
mail.companyx.com , mail.companyx-fs.com, mail.companyx.com.fs ,
mail.companyxfs.com . As a pentester how would you go about identifying the
actual domain name that is being used internally . 

I am not asking for networking FACTS here,  I am rather asking the
pentesters out there about their past experiences thus I identify myself as
a noob.

I hope this is clearer .

-----Original Message-----
From: Manuel Leithner [mailto:manuel.leithner () runbox com] 
Sent: Friday, December 12, 2008 2:32 AM
To: Ahmed Zaki
Cc: pen-test () securityfocus com
Subject: Re: Several Domains

1. Wrong mailing list. This list is about pen testing, not networking 101.
2. Well, think. (Hint: myname.com and myname.name could be the same server.
What about 20 named vhosts, each having the same IP, but serving a different
site?)

Regards,
Manuel Leithner

On Fri, 12 Dec 2008 00:52:42 +0100, listbounce () securityfocus com wrote:

Hi all
       I am noob and I am on a self learning exercise. 
                A friend who has a company has allowed to go ahead and
pursue my reconnaissance exercise on his domain. I cam across something

that

I would like maybe anyone to comment on it. What does it mean when I dig a
name for a host getting an ip address and when I do a reverse lookup I get
several names including the one I supplied.  All the returned though

belong

to the same owner as I can see from the domain names . 

Regards
 

 

__________ Information from ESET NOD32 Antivirus, version of virus

signature

database 3684 (20081211) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
 


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

 

__________ Information from ESET NOD32 Antivirus, version of virus signature
database 3685 (20081212) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
 
 

__________ Information from ESET NOD32 Antivirus, version of virus signature
database 3685 (20081212) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
 


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

Several Domains Ahmed Zaki (Dec 11)
- Re: Several Domains tony_l_turner (Dec 11)
- Message not available
  - RE: Several Domains Ahmed Zaki (Dec 11)
    - Re: Several Domains Todd Haverkos (Dec 12)
    - Re: Several Domains Tim Brown (Dec 12)
    - Re: Several Domains David Howe (Dec 12)
    - Re: Several Domains Adam Thompson (Dec 12)
    - Re: Several Domains ArcSighter (Dec 12)