RE: DNS mapping
- From: Kluge <kluge@xxxxxxxxxxxxxx>
- Date: Mon, 26 Feb 2007 23:51:08 -0500 (EST)
...but now he wants to know if a certain host in a certain domain was
actually up and online at any point in the past -- and if it was, he also
wants to know which IP it was living on at the time. Neither of which can
be gleaned from WHOIS records.
The only way to accomplish this kind of query would be for him to set up
an automated script that makes daily/regular checks to see if the host in
that rootkit's URL is up and log the results.
-kluge
On Mon, 26 Feb 2007, Walsh, Leo wrote:
For a fee you can see historic whois data for a very large number of------------------------------------------------------------------------
domains at DomainTools:
http://domain-history.domaintools.com/
I believe you can sign up for free and get a few queries before you'll be
required to pay for more searches.
-Leo Walsh
Jefferson Wells International
816-627-4222 (office)
913-484-8051 (cell)
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Ken Kousky
Sent: Saturday, February 24, 2007 9:22 AM
To: 'crazy frog crazy frog'; 'Sergi Rosello'
Cc: oivind.lund@xxxxxxxxx; pen-test@xxxxxxxxxxxxxxxxx
Subject: RE: DNS mapping
If I could branch off here - we have a url from a rootkit that points to a
site that's been up and down and frequently moved. We'd like to know for a
specific date range last year if the site was active and what the IP
address would have been. Is there an easy way to find out the IP address
for a domain for a particular historic date range other than working with
the name registration source? Is there an independent log we could check
out?
KWK
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of crazy frog crazy frog
Sent: Thursday, February 22, 2007 1:23 AM
To: Sergi Rosello
Cc: oivind.lund@xxxxxxxxx; pen-test@xxxxxxxxxxxxxxxxx
Subject: Re: DNS mapping
http://www.seologs.com/ip-domains.html
this will help you.althoug not much accurate.
but you can determine the domains hosted on ur ip.
On 2/21/07, Sergi Rosello <sergi_75@xxxxxxxx> wrote:
> Try whit it:
> > www.dnspython.org
> > luck :-)
> > --- oivind.lund@xxxxxxxxx escribió:
> > > I was wondering if there is an easy way to write a script to use for
> > reverse DNS mapping.
> > For instance, inputting the address test.com to the script and then
> > having the script reverse mapping the address and testing other
> > common DNS names like mail.test.com , web.test.com etc ?
> > Or maybe there is a tool available which allows me to do this and
> > make my own list of common DNS names ?
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
- References:
- RE: DNS mapping
- From: Walsh, Leo
- RE: DNS mapping
- Prev by Date: Re: Penetration Testing Framework 0.24 released
- Next by Date: Re: DNS mapping
- Previous by thread: RE: DNS mapping
- Next by thread: Re: DNS mapping
- Index(es):
Relevant Pages
|
|
