Re: Detecting DNS Servers

From: Michael Thumann (mlthumann_at_ids-guide.de)
Date: 07/11/03

Next message: Gwendolynn ferch Elydyr: "Re: Product review postings (was Administrivia)"

Previous message: johnny cyberpunk: "Re: Detecting DNS Servers"
Maybe in reply to: Rodrigo Ramos: "Detecting DNS Servers"
Next in thread: Jim: "Re: Detecting DNS Servers"
Reply: Jim: "Re: Detecting DNS Servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 11 Jul 2003 20:56:46 +0200
To: Rodrigo Ramos <rodrigo.ramos@ipad.com.br>

Hi Rodrigo,

Mike has published example code for that. you can find it at
www.wiley.com/compbooks/schiffman

Look for sift.

Hope that helps
Michael

At 15:16 11.07.2003 -0300, Rodrigo Ramos wrote:
>Hi Michael,
>
>I haven't read this book.
>Cold you give me an example? Would I need a packet builder?
>
>
>Best regards,
>Rodrigo Ramos
>
>On Fri, 2003-07-11 at 14:12, Michael Thumann wrote:
> > Mike Schiffman explained one way in his book 'Building Open Source
> Network
> > Security Tools' . Some DNS Servers will send a version string back, if you
> > send them a chaos class query, especially BIND servers support that and
> are
> > configured to do so by default.
> >
> > cheers
> > Michael
> >
> > At 10:22 11.07.2003 -0300, you wrote:
> > >Hi,
> > >
> > >
> > >I need a help from the community.
> > >At this moment I am reading papers from NIST and ISECOM (osstmm2.0).
> > >I need to know the very best way to discover the versions of DNS
> > >servers.
> > >I need to write a paper about it.I all ready wrote something, but I need
> > >to hear from everybody.
> > >
> > >
> > >
> > >Best Regards,
> > >Rodrigo Ramos
> > >http://www.spytket.com.br
> > >
> > >
> > >
> > >-----------------------------------------------------------------------
> ----
> > >The Lightning Console aggregates IDS events, correlates them with
> > >vulnerability info, reduces false positives with the click of a button,
> > >anddistributes this information to hundreds of users.
> > >
> > >Visit Tenable Network Security at http://www.tenablesecurity.com to learn
> > >more.
> > >-----------------------------------------------------------------------
> -----
> >
> >
> ----------------------------------------------------------------------------------------------------
> > Michael Thumann mlthumann@ids-guide www.ids-guide.de
> > Public Key available at http://www.ids-guide.de/MichaelThumann.asc
> >
> ----------------------------------------------------------------------------------------------------
> > The only secure computer is one that's unplugged, locked in a safe,
> > and buried 20 feet under the ground in a secret location...and i'm not
> > even too sure about that one
> >
> --Dennis
> > Huges, FBI.
> >
> >
> > ---------------------------------------------------------------------------
> > The Lightning Console aggregates IDS events, correlates them with
> > vulnerability info, reduces false positives with the click of a button,
> anddistributes this information to hundreds of users.
> >
> > Visit Tenable Network Security at http://www.tenablesecurity.com to learn
> > more.
> >
> ----------------------------------------------------------------------------
> >
> >

----------------------------------------------------------------------------------------------------
Michael Thumann mlthumann@ids-guide www.ids-guide.de
Public Key available at http://www.ids-guide.de/MichaelThumann.asc
----------------------------------------------------------------------------------------------------
The only secure computer is one that's unplugged, locked in a safe,
and buried 20 feet under the ground in a secret location...and i'm not
even too sure about that one
--Dennis
Huges, FBI.

---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with
vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.

Visit Tenable Network Security at http://www.tenablesecurity.com to learn
more.
----------------------------------------------------------------------------

Next message: Gwendolynn ferch Elydyr: "Re: Product review postings (was Administrivia)"

Previous message: johnny cyberpunk: "Re: Detecting DNS Servers"
Maybe in reply to: Rodrigo Ramos: "Detecting DNS Servers"
Next in thread: Jim: "Re: Detecting DNS Servers"
Reply: Jim: "Re: Detecting DNS Servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Unusual Web Server
... >The Lightning Console aggregates IDS events, correlates them with ... >vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users. ...
(Pen-Test)
Re: DSL modems used for pen-testing
... >The Lightning Console aggregates IDS events, correlates them with ... vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users. ...
(Pen-Test)
RE: Unusual Web Server
... > I have found a web server that I cannot identify. ... vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users. ...
(Pen-Test)
Re: Kein Internet nach Servicepack 2 Install
... > Rate von False Positives bekannt. ... Hallo Michael, ... Ich mag kein TOFU. ... Bei Direkt-Mails NOSPAM entfernen ...
(microsoft.public.de.german.windowsxp.networking)