Full Disclosure mailing list archives
Re: DNS mining ?
From: "Steven Adair" <steven () securityzone org>
Date: Mon, 9 Apr 2007 10:22:04 -0500 (EST)
There are numerous tools out there that will take IP addresses and report back [all] the domains on them. The best one I came across some time about was the Reverse IP search from www.domaintools.com. Unfortunately to get the entire list you have to pay now -- I think. You used to just be able to register for a free account that would let you do 5 searches a day and show you all the domains. So if one IP had 3000 domains on it, it would let you go through all of them, and that was one search. Now you can just see a small selection. There are all similar tools on the Internet. Someone posted a while back on Full Disclosure and Security Focus about how to find all the domains on a particular IP. There were a few websites that people listed. Usually when used in conjunction with one another they would accurate list most of the domains on an IP. However, after using those and then finding this site, I found this tool to always equal to or better than using the combination of others. So just take Google IP addresses, such as on the IP your rfsee.net is on (72.14.207.99) and put it in their Reverse IP lookup. http://www.domaintools.com/reverse-ip/ I forgot the other websites. I suppose they would be better now that this search is limited. Steven
Hello, I have a domain name which has it's primary A record pointing at google. This domain hasn't been published anywhere and is very low traffic, surprisingly this guy has it listed as one of the entries pointing to google: http://72.14.205.104/search?q=cache:Vp6UWUf7NmMJ:mousecave.com/google/+rfsee.net His list is correct, question is how could he possibly compose it? Scanning the whole [[:alnum:]]{1,30} dns range is impractical. I find it hard to believe he is sniffing some major backbone router for traffic and having access to a root DNS won't help him much (IMHO). How could he then have done it? The only option I can think of is that he is working @google or has backdoor access to google indexing service which allows him to query for info such as "With what header did the http request came to the server". I find this highly intriguing. Ideas are welcome. -- Cheers, Maxim Veksler "Free as in Freedom" - Do u GNU ? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ !DSPAM:461a41ec247451260181254!
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- DNS mining ? Maxim Veksler (Apr 09)
- Re: DNS mining ? Valdis . Kletnieks (Apr 09)
- Re: DNS mining ? Maxim Veksler (Apr 10)
- Re: DNS mining ? Valdis . Kletnieks (Apr 10)
- Re: DNS mining ? Maxim Veksler (Apr 10)
- Re: DNS mining ? Steven Adair (Apr 09)
- Re: DNS mining ? Aaron Gray (Apr 09)
- Re: DNS mining ? Brian Dessent (Apr 09)
- Re: DNS mining ? Aaron Gray (Apr 09)
- Message not available
- Re: DNS mining ? Maxim Veksler (Apr 10)
- Re: DNS mining ? Valdis . Kletnieks (Apr 09)