Re: Audit Research - WHOIS?
From: John Daniele (johnd@tsintel.com)Date: 01/30/02
- Previous message: Kevin Sanchez-Cherry: "Re: Webex"
- In reply to: Dee Harrod: "Re: Audit Research - WHOIS?"
- Next in thread: Timothy.Lyons@predictive.com: "Re: Audit Research - WHOIS?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Jan 2002 19:58:17 -0500 (EST) From: John Daniele <johnd@tsintel.com> To: Dee Harrod <dee_harrod@yahoo.com>
Well.. probably better suited question for pentest@securityfocus.com,
but find the server that is authoritative for your company's corporate
web site, and hope that you can perform a zone domain transfer.
You may also get lucky if your company's provider hasn't secured the
DNS server that is responsible for delegating authority and try to
perform a zone transfer on the reverse arpa of your company's netblock.
Then try each server, recursively.
----------------------------------
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice: (416) 605-2041
Email: johnd@tsintel.com
Web: http://www.tsintel.com
----------------------------------
On Tue, 29 Jan 2002, Dee Harrod wrote:
> True enough. This is for auditing purposes, though,
> and I'm trying to approach it as a hacker would - not
> using insider information. I've found a number of
> domains that point back to us, but I'd like to find
> all of them. Thanks, though.
>
> -- DS
>
> --- Cavell.McDermott@apw.com wrote:
> >
> > Do you guys host your own dns? If so, on your dns
> > server there should be
> > zone files for every domain you manage.
> >
> > Cavell McDermott
> > Domino Admin
> > APW Ltd. - Texas Campus
> > 214-343-1400 - Main
> > 214-355-2022 - Direct
> > 214-341-9950 - Fax
> > http://www.apw.com
> >
> >
> >
> >
> >
> > Dee Harrod
> >
> >
> > <dee_harrod@y To:
> > security-basics@securityfocus.com
> >
> > ahoo.com> cc:
> >
> >
> > Subject:
> > Audit Research - WHOIS?
> >
> > 01/28/2002
> >
> >
> > 03:36 PM
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > I'm doing an audit on my corporate network. One of
> > the
> > things I'm trying to get is a list of all domains
> > registered to the company. There are a lot of them.
> >
> > The problem is that I'm finding it increasingly
> > difficult to track down that information. There are
> > numerous servers out there that will do whois checks
> > against a domain name. There are even a number that
> > will do it against a word, and bring up all the
> > domain
> > names that match it. But I'd like to, say, query
> > against a registration ID, or an email address, etc.
> > That way I could find all domains registered by our
> > registeration address.
> >
> > Any suggestions on how I might better approach this?
> >
> > -- Dee
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Great stuff seeking new owners in Yahoo! Auctions!
> > http://auctions.yahoo.com
> >
> >
> >
> >
>
> __________________________________________________
> Do You Yahoo!?
> Great stuff seeking new owners in Yahoo! Auctions!
> http://auctions.yahoo.com
>
- Previous message: Kevin Sanchez-Cherry: "Re: Webex"
- In reply to: Dee Harrod: "Re: Audit Research - WHOIS?"
- Next in thread: Timothy.Lyons@predictive.com: "Re: Audit Research - WHOIS?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
