Re: finding dyndns names for existing IP

From: John Lampe (jwlampe_at_aceryder.com)
Date: 11/26/03

  • Next message: Funk Jr, Joseph C.: "FW: An excellent online pen-test tool" 
    To: "Thomas Kerbl" <t.kerbl@weigl.de>, <pen-test@securityfocus.com>
Date: Wed, 26 Nov 2003 10:50:41 -0500

    ----- Original Message -----
    From: "Thomas Kerbl" <t.kerbl@weigl.de>
    To: <pen-test@securityfocus.com>
    Sent: Wednesday, November 26, 2003 5:06 AM
    Subject: finding dyndns names for existing IP

    > Hello,
    >
    > To try to summarize the problem:
    >
    > 1) We assume the company uses the DynDns service (or a similar service).
    > 2) We got the actual valid IP through social engineering.
    > 3) We want to find the dyndns name of this IP to keep track.
    >
    > Is there a Database hostet by dyndns (or similar service) we can
    > consult? Or is there a way to do a reverse lookup on the IP?

    Typically, you won't be able to do a reverse lookup on the IP, as it will
    resolve to either NULL or some FQDN within their ISP. However, they are
    using DynDNS for a reason (that should be an assumption, right?)...i.e. they
    are offering some service that users can get to via DynDNS. Why not
    interrogate the applications which are using DynDNS. That is, if it's a
    webserver, find the FQDN via the web port, or if it's an email server,
    either query the banners of force the mail server to bounce you an email
    where you can look at SMTP headers, etc.

    As you have been scanning this IP, what ports are being offered? That might
    be helpful to the conversation.

    John

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

  • Next message: Funk Jr, Joseph C.: "FW: An excellent online pen-test tool"

    Relevant Pages

    • Re: frequent external ip changes
      ... My router, a Buffalo WBR-G54 running the DD-WRT v23 SP2 VPN firmware, supports DynDNS and others like No-IP.com. ... If your router does not support those directly you can download a small update program onto one of your PCs that will contact the DynDNS or No-IP servers on a scheduled basis. ... That way the servers know your current public IP address and map that to your fully qualified domain name (FQDN). ... Al Jarvi (MS-MVP Windows Networking) ...
      (microsoft.public.windowsxp.network_web)
    • Re: dyndns domainname anhand von ip-adresse finden?
      ... deinen DynDNS Eintrag. ... fortlaufend einen DNS Zonentransfer durchführen? ... Lookup zu einer IP einen FQDN auflösen. ... sicher ein DynDNS Eintrag zugewiesen wurde, wobei wohl auch noch der DynDNS ...
      (de.comp.security.misc)
    • Re: RPC over HTTPS mit eigener CA und ISA 2004
      ... Der interne FQDN für den Exchannge lautet: ... angeben (interner FQND?)?? ... In der Veroeffentlichung unter oeffentlicher Name den Dyndns. ... Exchangserver im Outlook den.loc und extern den dyndns. ...
      (microsoft.public.de.german.isaserver)
    • Netzwerkobjekt -> Computer -> FQDN statt IP
      ... Ein Kunde hat uns einen SSH Zugang auf einen /krummen/ ... Port freigeschaltet und seine Firewall ist über DynDNS per FQDN ...
      (microsoft.public.de.german.isaserver)