Penetration Testing mailing list archives
Re: Several Domains
From: ArcSighter <arcsighter () gmail com>
Date: Fri, 12 Dec 2008 09:06:50 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ahmed Zaki wrote:
Thanks for your reply . Apparently its my fault I should have made my question clearer. Your target is Company X . The ip of the mail server turned to be xxx.xxx.xxx.xxx and that when used to do a reverse DNS lookup gave mail.companyx.com , mail.companyx-fs.com, mail.companyx.com.fs , mail.companyxfs.com . As a pentester how would you go about identifying the actual domain name that is being used internally . I am not asking for networking FACTS here, I am rather asking the pentesters out there about their past experiences thus I identify myself as a noob. I hope this is clearer .
The actual domain name that is being used internally? It depends of what status you're in the pentest. If, as usual, you're outside the DMZ or LAN, it won't be possible by just digging into dns records, because in a non-stupid configuration, the external dns won't be authoritative on the LAN zone, in fact, it will contain no clue about this LAN at all; its records would be only the servers at the DMZ and the forwarders info. You could try zone transfer or others against that nameserver but you won't get any possitive results, I think. You have to get INTO the internal network, if what you're interested is the PDC/BDC names. Actually, do you known Paterva? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFJQm/6H+KgkfcIQ8cRAqUDAJwI5u8YxsWnobaiItyS/KZBPgjmrgCeNVkQ rql4BOGPe/sq9tm4ygZszTI= =v7ou -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- Several Domains Ahmed Zaki (Dec 11)
- Re: Several Domains tony_l_turner (Dec 11)
- Message not available
- RE: Several Domains Ahmed Zaki (Dec 11)
- Re: Several Domains Todd Haverkos (Dec 12)
- Re: Several Domains Tim Brown (Dec 12)
- Re: Several Domains David Howe (Dec 12)
- Re: Several Domains Adam Thompson (Dec 12)
- Re: Several Domains ArcSighter (Dec 12)
- RE: Several Domains Ahmed Zaki (Dec 11)