Full Disclosure mailing list archives
Re: Full-disclosure Digest, Vol 4, Issue 18
From: matt sommer <mms () speakeasy org>
Date: Tue, 14 Jun 2005 16:14:23 -0700 (PDT)
On Tue, 14 Jun 2005, full-disclosure-request () lists grok org uk wrote:
Date: Tue, 14 Jun 2005 23:46:00 +0100 (BST) From: full-disclosure-request () lists grok org uk Reply-To: full-disclosure () lists grok org uk To: full-disclosure () lists grok org uk Subject: Full-disclosure Digest, Vol 4, Issue 18 Send Full-Disclosure mailing list submissions to full-disclosure () lists grok org uk To subscribe or unsubscribe via the World Wide Web, visit https://lists.grok.org.uk/mailman/listinfo/full-disclosure or, via email, send a message with subject or body 'help' to full-disclosure-request () lists grok org uk You can reach the person managing the list at full-disclosure-owner () lists grok org uk When replying, please edit your Subject line so it is more specific than "Re: Contents of Full-Disclosure digest..." Note to digest recipients - when replying to digest posts, please trim your post appropriately. Thank you. Today's Topics: 1. www.whois.sc (Jimmy Stewpot) 2. Re: www.whois.sc (Andreas Gietl) 3. Re: www.whois.sc (tgoogle) 4. iDEFENSE Security Advisory 06.14.05: Multiple Vendor Telnet Client Information Disclosure Vulnerability (iDEFENSE Labs) 5. iDEFENSE Security Advisory 06.14.05: Microsoft Outlook Express NNTP Response Parsing Buffer Overflow Vulnerability (iDEFENSE Labs) 6. iDEFENSE Security Advisory 06.14.05: Microsoft Outlook Web Access Cross-Site Scripting Vulnerability (iDEFENSE Labs) 7. iDEFENSE Security Advisory 06.14.05: Microsoft Windows Interactive Training Buffer Overflow Vulnerability (iDEFENSE Labs) 8. Anti-Virus Malformed ZIP Archives flaws [UPDATE] (Thierry Zoller) 9. RE: Exploits Selling / Buying (Ivaylo Zashev) 10. MDKSA-2005:099 - Updated gaim packages fix more vulnerabilities (Mandriva Security Team) 11. Re: In USA the Government Votes for YOU? - Electronic Voting Systems'Security, Report (bkfsec) 12. MDKSA-2005:100 - Updated rsh packages fix vulnerability (Mandriva Security Team) 13. RE: Web application Security Scanner (Cosmin Stejerean) (Stejerean, Cosmin) ---------------------------------------------------------------------- Message: 1 Date: Tue, 14 Jun 2005 14:04:12 +0100 From: Jimmy Stewpot <squid () oranged to> Subject: [Full-disclosure] www.whois.sc To: full-disclosure () lists grok org uk Message-ID: <42AED5CC.9040709 () oranged to> Content-Type: text/plain; charset=ISO-8859-1 Hello, I have recently seen a web page www.whois.sc. One of the features that they have is a "reverse ip" lookup. With that tool I can lookup the IP address of a server and it will return how many domains are hosted on it. What I have been trying to figure out is how does that work? I did a tcpdump on the server that I looked up and it didnt see any abnormal packets. Does anyone have any idea how that feature works? For example If lookup the following : http://www.whois.sc/reverse-ip/?lookup=210.193.162.9 It comes back and shows me several domain names hosted (two to be exact). Can anyone shed some light on that? Thanks ------------------------------ Message: 2 Date: Tue, 14 Jun 2005 15:09:46 +0200 From: Andreas Gietl <a.gietl () e-admin de> Subject: Re: [Full-disclosure] www.whois.sc To: Jimmy Stewpot <squid () oranged to> Cc: full-disclosure () lists grok org uk Message-ID: <42AED71A.2060904 () e-admin de> Content-Type: text/plain; charset=ISO-8859-1 As the results are not very accurate and i see no possibility to gain these information directly from the host running the ip or any entries in die ptr for the ip, i guess they just keep a database of domains and ther ip-adresses and do a lookup on the ip for that ip. Jimmy Stewpot wrote:Hello, I have recently seen a web page www.whois.sc. One of the features that they have is a "reverse ip" lookup. With that tool I can lookup the IP address of a server and it will return how many domains are hosted on it. What I have been trying to figure out is how does that work? I did a tcpdump on the server that I looked up and it didnt see any abnormal packets. Does anyone have any idea how that feature works? For example If lookup the following : http://www.whois.sc/reverse-ip/?lookup=210.193.162.9 It comes back and shows me several domain names hosted (two to be exact). Can anyone shed some light on that? Thanks _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
m. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Full-disclosure Digest, Vol 4, Issue 18 matt sommer (Jun 14)