Re: anonymous Zonetransfer (AXFR) exploatation
- From: "Jamie Riden" <jamie.riden@xxxxxxxxx>
- Date: Thu, 13 Mar 2008 09:45:27 +0000
On 12/03/2008, xx yy <thenucker2004@xxxxxxxxx> wrote:
During some research I came across some server that have anonymous Zonetransfer (AXFR) allowed.
Is there a working attack for a DNS server that has anonymous Zonetransfer (AXFR) allowed ?
It's only an information disclosure vulnerability, so the best you can
do is look at things like the network structure, the hostnames and try
to infer from them. For example, a lot of places give CNAMES for
functionality such as mail, www, smtp, pop3, xxx-db (for database),
etc.
You can also have a look at the distribution of the hosts within the
IP space of the company. Are there gaps? If so, are there computers
there without DNS records? etc. etc.
cheers,
Jamie
--
Jamie Riden / jamesr@xxxxxxxxxx / jamie@xxxxxxxxxxxxxxx
UK Honeynet Project: http://www.ukhoneynet.org/
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- References:
- anonymous Zonetransfer (AXFR) exploatation
- From: xx yy
- anonymous Zonetransfer (AXFR) exploatation
- Prev by Date: Re: Program to populate forms
- Next by Date: MMS for hackers
- Previous by thread: anonymous Zonetransfer (AXFR) exploatation
- Next by thread: RE: anonymous Zonetransfer (AXFR) exploatation
- Index(es):
