Re: [Full-Disclosure] Again: zone transfers, a spammer's dream?

From: Jorrit Kronjee (full-disclosure_at_nospam.wafel.org)
Date: 12/29/04

  • Next message: Todd Towles: "RE: [Full-Disclosure] And you're proud of this Mike Evanchick?" 
    Date: Wed, 29 Dec 2004 19:49:46 +0100
To: bugtraq@securityfocus.com, full-disclosure@lists.netsys.com

    Ralf Glauberman wrote:
    > Hello all,
    > after Lode Vermeiren having published on the 7th of December that many
    > tlds are transferable I did further research on this. Much to my
    > surprise this wasn't just a problem of little states. i did a complete
    > scan on all tlds (http://data.iana.org/TLD/tlds-alpha-by-domain.txt)
    > including every soa and ns server. i got results from 141 out of the
    > 258 checked tlds. i din't check every single output, but there are not
    > more than 10 false-positives within these. while the ca zone is secure
    > now, i was really surprised that be (~ 42 MB, ~ 900.000 records) and
    > fi (~ 11 MB, ~ 235.000 records) are transferable.
    > all in all, i found that the following tlds are transferable (also
    > there might be some false-positives):

    arpa being one of those false positives (it's hardly exploitable by
    spammers anyway).

    Although only a few nameservers of the tld allow zone transfers - and
    you really have to look for them - it really amazes me that these
    nameservers aren't properly configured.

    I'm just glad I don't live in any of these countries.

    Jorrit

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Todd Towles: "RE: [Full-Disclosure] And you're proud of this Mike Evanchick?"