Security Basics mailing list archives
Re: DNS and SMTP
From: Alvin Oga <alvin.sec () Virtual Linux-Consulting com>
Date: Mon, 31 May 2004 19:04:41 -0700 (PDT)
hi ya
On Fri, 2004-05-28 at 09:16, kaps lock wrote:Hi All, I am a security new bie.I would like to know or atleast if somebody can have me some pointers to good turtorials on
read ... the first 10 pages of all the links that google returns for each "search string" you give it ..
1)DNS basically i want to be able to understand everything about DNS ,using nslookup,dig inorder to be a good security analyst.
knowing how to use the wrong tools wont help with being a "security analyst" - what kind of analyst ?? ( writing articles for general public or for teaching ( security classes for certification ? as it has been pointed out ... read both books about DNS by cricket liu ( not just the oreilly one ) - you/we will never know "everything" about dns
like how i could determine OS of adns server ,
nmap -O 1.2.3.4 or nessus or queso or ...
or say how i could determine what evrsionof BIND it is using etc.
telnet 1.2.3.4 53 - and if you believe the answer, there might be a nice lakefront land for sale in the nevada dessert too
2)SMTP If somebody could tell me what is an Object ID and how does it function and how it is decided upon!!Like the tree that is followed.Also could a system be compromised if a attacker nows the communitry string?
always, always assume the attacker already has root access to any of your servers and try to protect whatever you are trying to protect and why and at what costs and what are ALL of the consequences of them doing "rm -rf /" on that server and any other server that they can get into c ya alvin --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Re: DNS and SMTP Alvin Oga (Jun 01)