question regarding nessus plug-in 10595 DNS AXFR
From: cissper (cissper_at_yahoo.com.au)
Date: 02/24/04
- Previous message: Chuck Fullerton: "Sam Spade.org"
- Next in thread: Mike Hoskins: "Re: question regarding nessus plug-in 10595 DNS AXFR"
- Reply: Mike Hoskins: "Re: question regarding nessus plug-in 10595 DNS AXFR"
- Reply: Ariel Martinez: "Re: question regarding nessus plug-in 10595 DNS AXFR"
- Maybe reply: Travis Schack: "Re: question regarding nessus plug-in 10595 DNS AXFR"
- Reply: Pedro Andujar: "Re: question regarding nessus plug-in 10595 DNS AXFR"
To: <pen-test@securityfocus.com>
Date: Tue, 24 Feb 2004 19:41:49 +1100
Dear all,
In one of my scans, Nessus reported a vulnerability allowing DNS zone transfers (see below).
I have tried to verify this vulnerability manually with nslookup and other tools. Apparently a manual DNS zone transfer did not work! So I am just wondering if anybody knows what exactly this plug-in is doing. I am not yet familiar with the scripting language used.
I would appreciate it if anybody could tell me how the plug-in could perform a zone transfer.
Thank you guys!!
--------------------------------------------
nessus message:
The remote name server allows DNS zone transfers to be performed.
A zone transfer will allow the remote attacker to instantly populate
a list of potential targets. In addition, companies often use a naming
convention which can give hints as to a servers primary application
(for instance, proxy.company.com, payroll.company.com, b2b.company.com,
etc.).
As such, this information is of great use to an attacker who may use it
to gain information about the topology of your network and spot new
targets.
Solution: Restrict DNS zone transfers to only the servers that absolutely need it.
Risk factor : Medium
ID: 10595
--------------------------------------------
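An added example, not part of the original post and not the Nessus plug-in's code: how an AXFR request is framed on the wire (QTYPE 252, sent over TCP with a two-byte length prefix) and how the first response message separates a refused transfer from a permitted one, which is what to look at when confirming that the restriction in the "Solution" is in effect. The zone example.com, the host names and the sample response bytes are constructed, and `classify` assumes it is given exactly one complete framed message.

```python
import struct
AXFR, SOA, IN = 252, 6, 1   # QTYPE/TYPE and CLASS codes from RFC 1035
RCODES = {1: "FORMERR", 2: "SERVFAIL", 5: "REFUSED", 9: "NOTAUTH"}

def encode_name(name):
    """Domain name as length-prefixed labels, terminated by a zero byte."""
    labels = [l.encode("ascii") for l in name.rstrip(".").split(".")]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"

def build_axfr_query(zone, txid):
    """AXFR question framed for TCP: 2-byte length, 12-byte header, question."""
    msg = struct.pack("!6H", txid, 0, 1, 0, 0, 0) + encode_name(zone) + struct.pack("!2H", AXFR, IN)
    return struct.pack("!H", len(msg)) + msg

def skip_name(msg, off):
    """Offset just past a name that may end in a compression pointer."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def classify(framed, txid):
    """Classify the first TCP response message to an AXFR query."""
    if len(framed) < 14 or struct.unpack("!H", framed[:2])[0] != len(framed) - 2:
        return "malformed"
    msg = framed[2:]
    rid, flags, qd, an = struct.unpack("!4H", msg[:8])
    if rid != txid or not flags & 0x8000:       # wrong ID or QR bit not set
        return "malformed"
    if flags & 0x000F:                           # non-zero RCODE: transfer denied
        return "denied:" + RCODES.get(flags & 0xF, str(flags & 0xF))
    if an == 0:
        return "no-data"
    off = 12
    for _ in range(qd):                          # skip the echoed question(s)
        off = skip_name(msg, off) + 4
    off = skip_name(msg, off)                    # owner name of the first answer
    rtype = struct.unpack("!H", msg[off:off + 2])[0]
    return "transfer-allowed" if rtype == SOA else "unexpected-answer"

def sample_response(txid, rcode, with_soa):
    """Constructed response for the placeholder zone example.com (not captured traffic)."""
    question = encode_name("example.com") + struct.pack("!2H", AXFR, IN)
    answer = b""
    if with_soa:                                 # a permitted transfer starts with the zone's SOA
        rdata = encode_name("ns1.example.com") + encode_name("admin.example.com")
        rdata += struct.pack("!5I", 2004022401, 3600, 600, 86400, 3600)
        answer = b"\xc0\x0c" + struct.pack("!2HIH", SOA, IN, 3600, len(rdata)) + rdata
    msg = struct.pack("!6H", txid, 0x8400 | rcode, 1, int(with_soa), 0, 0) + question + answer
    return struct.pack("!H", len(msg)) + msg
```

A server that restricts transfers as the plug-in output recommends yields the `denied:REFUSED` case for a client outside the allowed set.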