Security Basics mailing list archives
Re: DNS Records
From: "Alberto Cozer" <acozer () fti com br>
Date: Wed, 18 Jun 2003 11:41:38 -0300
If the DNS server is properly configured you wont'be able to gather much data. But there are some techniques: 1) "ls -d". 2) Remote replication using a DNS server you own. 3) Using tools (e.g. DNSDigger). 4) Dictionary based DNS scan Whenever doing this it is strongly recommended to proxy or socksify your connections throughout as many servers as you can find. Most IDSes and log correlation tools will be able to detect your DNS queries and handle is as hostile behavior. Regards, Alberto Cozer Security Outsource Director, Future Technologies Digital Security IBM Certified AIX System Specialist Checkpoint Certified Security Expert, CCSE NG acozer () fti com br http://www.fti.com.br "Fred Dirkse - OIC Group, Inc." To: <security-basics () securityfocus com> <lists@oicgroup.n cc: et> Subject: DNS Records 17/06/2003 18:26 Is it possible to point to a DNS server and somehow get ALL records from it (ie - return all the domain records that server is authoratative for)? If so, how? and how could one stop it from happening if so? Regards, Fred --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- DNS Records Fred Dirkse - OIC Group, Inc. (Jun 17)
- Re: DNS Records Tim Greer (Jun 18)
- RE: DNS Records Fred Dirkse - OIC Group, Inc. (Jun 18)
- Re: DNS Records Tim Greer (Jun 18)
- RE: DNS Records Fred Dirkse - OIC Group, Inc. (Jun 18)
- Re: DNS Records Alberto Cozer (Jun 18)
- RE: DNS Records dave kleiman (Jun 18)
- Re: DNS Records Tim Greer (Jun 18)
- Re: DNS Records ATD (Jun 24)
- <Possible follow-ups>
- RE: DNS Records Brian Kirby (Jun 18)
- Re: DNS Records Anders Reed Mohn (Jun 19)
- RE: DNS Records dave (Jun 20)
- Re: DNS Records Anders Reed Mohn (Jun 19)
- RE: DNS Records Ben Collins (Jun 18)
- Re: DNS Records Marco Araujo (Jun 18)
- RE: DNS Records Charlie Winckless (Jun 19)
- RE: DNS Records David Gillett (Jun 24)
- Re: DNS Records Tim Greer (Jun 18)