Security Basics mailing list archives

Re: Dns info mapping


From: Paulo Abrantes <ghostrider () box sk>
Date: Wed, 11 Dec 2002 20:08:10 +0000

On Tue, 10 Dec 2002 21:41:44 +0100
Jarod <jarlin () ifrance com> wrote:

> On Monday 02 December 2002 23:43, svetsanj () hotmail com wrote:
>> Are there any tools that will take a zone transfer dump and map a
>> network out of it? I usually come across clients who allow zone
>> transfers and we are able to see names of all their servers and IP info.
>> It is possible to draw quite a detailed network map from this info.
>>
>> Are there any tools that do this?
>>
>>     SKP
>
> To map you must see the interconnection between the hosts, no?
> seems to be a little bit hard without "internal view"
> if I'm correct me

I do agree with everything you say, Jarod,
though when SKP says that he has access
to zone transfers of certain DNS servers, I
would believe that those zone transfers
were just regarding the public network of
that network. If that's the case, a bash
script using traceroute might do the job
to map it.
But there are always the firewalls, the NAT
gateways, and, well, the idea that you had
of private networks being also dumped in the
zone transfer, which I think is highly
improbable, since a sane sysadmin would
have at least 2 DNS servers, one for its
public network and another for the private
network. Though we always have to think
of everything.

Regards, 

Paulo Abrantes

++++++++++++++++++++++++++++++++++++++++
        Computer Science Student @
        Instituto Superior Tecnico 
         (http://www.ist.utl.pt)
 
 "A language that doesn't affect the way 
you think about programming is not worth
knowing." 
++++++++++++++++++++++++++++++++++++++++
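
The split between public and private DNS data discussed in the reply above can be checked from the defender's side. The following is an added example, not part of the original thread: it parses zone data in the format `dig axfr` prints, groups A records by subnet, and flags records that point into RFC 1918 space. The zone contents, hostnames, addresses and the /24 grouping are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in the format `dig axfr` prints; example.com and all
# addresses are made up (documentation range plus RFC 1918 space).
SAMPLE_AXFR = """\
; <<>> DiG <<>> axfr example.com @ns1.example.com
example.com.        3600 IN SOA ns1.example.com. hostmaster.example.com. 2002121101 7200 3600 604800 3600
example.com.        3600 IN NS  ns1.example.com.
ns1.example.com.    3600 IN A   192.0.2.53
www.example.com.    3600 IN A   192.0.2.80
mail.example.com.   3600 IN A   192.0.2.25
intranet.example.com. 3600 IN A 10.1.4.20
fileserver.example.com. 3600 IN A 10.1.4.21
hr-db.example.com.  3600 IN A   172.16.9.5
ftp.example.com.    3600 IN CNAME www.example.com.
"""

# Explicit list: ipaddress.is_private would also match documentation ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_a_records(text):
    """Yield (hostname, IPv4Address) for each A record in dig-style output."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith(";"):
            continue  # blank line or dig comment
        # Record layout: name TTL class type rdata
        if len(fields) >= 5 and fields[2].upper() == "IN" and fields[3].upper() == "A":
            try:
                yield fields[0].rstrip("."), ipaddress.IPv4Address(fields[4])
            except ipaddress.AddressValueError:
                continue  # malformed rdata, skip the record

def audit_zone(text, prefix=24):
    """Group hosts by subnet and list records that sit in RFC 1918 space."""
    subnets, leaked = defaultdict(list), []
    for name, addr in parse_a_records(text):
        net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        subnets[str(net)].append(name)
        if any(addr in n for n in RFC1918):
            leaked.append((name, str(addr)))
    return dict(subnets), leaked

if __name__ == "__main__":
    subnets, leaked = audit_zone(SAMPLE_AXFR)
    for net, hosts in sorted(subnets.items()):
        print(net, ", ".join(hosts))
    for name, addr in leaked:
        print("private address in public zone:", name, addr)
```

Any entry in the second list means the publicly served zone carries internal records, which is the case a split public/private DNS setup is meant to prevent.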

