Vulnerability Development mailing list archives
Re: DNS zone transfer
From: Olaf Kirch <okir () caldera de>
Date: Mon, 10 Jun 2002 10:46:20 +0200
On Sun, Jun 09, 2002 at 10:45:18AM -0700, Brad Bemis wrote:
Just a few ideas... There are several more advanced methods that could also be used, but they do not involve passive information gathering ;-)
Try whois to get the IP networks assigned to the target, then do PTR lookus to gather host names in that zone, and finally forward lookups on all names retrieved that way. Most of the time this should give you ~90% of all records in that zone (most notably, CNAMEs will fall through the cracks). Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir () caldera de | experienced what can best be described as ------------------+ ISO water torture. -- Peter Gutmann
Current thread:
- DNS zone transfer Vlad (Jun 08)
- Re: DNS zone transfer Short_Circut (Jun 08)
- RE: DNS zone transfer Vlad (Jun 09)
- RE: DNS zone transfer Maximiliano Perez (Jun 09)
- RE: DNS zone transfer David Schwartz (Jun 09)
- Re: DNS zone transfer Ed Schmollinger (Jun 10)
- RE: DNS zone transfer Maximiliano Perez (Jun 10)
- Re: DNS zone transfer Deus, Attonbitus (Jun 10)
- Re: DNS zone transfer Frank Knobbe (Jun 11)
- RE: DNS zone transfer Vlad (Jun 09)
- Re: DNS zone transfer Short_Circut (Jun 08)
- RE: DNS zone transfer Brad Bemis (Jun 09)
- Re: DNS zone transfer Olaf Kirch (Jun 10)
- RE: DNS zone transfer Terry Grace (Jun 10)
- Re: DNS zone transfer Edwin Groothuis (Jun 10)
- Re: DNS zone transfer Jefferson Ogata (Jun 11)
- <Possible follow-ups>
- RE: DNS zone transfer David Schwartz (Jun 09)
- Re: DNS zone transfer Blue Boar (Jun 10)
- Re: DNS zone transfer Eric Monti (Jun 10)