Penetration Testing mailing list archives

how to check for hostnames of wildcard-domains

From: thomas springer <tuevsec () gmx net>
Date: Sun, 12 Feb 2006 20:32:27 +0100

I'm stumbling more and more over domains that have a A-Record for
*.domain.tld set in their zonefile - with the effect that every
ns-lookup for an A-Record on this domain returns an ip, even if the
hostname is not really existing. You might check for the wildcard with a
simple "dig *.domain.tld A +short".

Is there a way to distinguish the *.dom.tld-matching from a real
existing A-Record using a ns-lookup alone?

tom

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

how to check for hostnames of wildcard-domains thomas springer (Feb 12)
- Re: how to check for hostnames of wildcard-domains A. Ramos (Feb 15)
  - Re: how to check for hostnames of wildcard-domains thomas springer (Feb 16)
- <Possible follow-ups>
- RE: how to check for hostnames of wildcard-domains Dario Ciccarone (dciccaro) (Feb 15)