Re: Dns info mapping

From: Paulo Abrantes (ghostrider@box.sk)
Date: 12/11/02

  • Next message: Tony Meman: "Re: Preventing DHCP from allocating IPs" 
    Date: Wed, 11 Dec 2002 20:08:10 +0000
From: Paulo Abrantes <ghostrider@box.sk>
To: security-basics@securityfocus.com

    On Tue, 10 Dec 2002 21:41:44 +0100
    Jarod <jarlin@ifrance.com> wrote:

    > On Monday 02 December 2002 23:43, svetsanj@hotmail.com wrote:
    > > Are their any tools that will take a zone transfer dump and map a
    > > network out of it? I usually come across clients who allow zone
    > > transfers and we are able to see names of all their servers and IP info.
    > > It is possible to draw quiet a detailed network map from this info.
    > >
    > > Are their any tools that do this?
    > >
    > > SKP
    > >
    > To map you must see the interconnexion between the hosts no ?
    > seems to be a little bit hard without "internal view"
    > if I'm correct me

    I do agree with everything you say Jarod,
    though when SKP says that he has access
    to zone transfer of certain DNS servers. I
    would believe that those zone transfers
    were just regarding the public network of
    that network. If that's the case a bash
    script using traceroute might do the job
    to map it.
    But there's always the firewalls, the NAT
    gateways, and well, the idea that you had
    of private networks being also dumped in the
    zone transfer, which I think it's highly
    improbable, since a sane sysadmin, would
    have at least 2 DNS servers, one for it's
    public network and other for the private
    network. Though we always have to think
    in everything.

    Regards,

    Paulo Abrantes

    ++++++++++++++++++++++++++++++++++++++++
            Computer Science Student @
            Instituto Superior Tecnico
               (http://www.ist.utl.pt)
     
     "A language that doesn't affect the way
    you think about programming is not worth
    knowing."
    ++++++++++++++++++++++++++++++++++++++++

    Relevant Pages

    • RE: Sign:Re: Is there such a thing as DNS Network Mapper type application
      ... doing a zone transfer would certainly show up ... This too I would this cause a snort/IDS alert. ... Precisely Define and Implement Network Security ... FIND OUT NOW - FREE Vulnerability Assessment Toolkit ...
      (Security-Basics)
    • Re: Resolving hostnames in remote VPN network
      ... Am I to negotiate a zone transfer as a ... "must" from the other network admin? ... rather than the primary network adapter. ... server a secondary for the primary zoneat the other site? ...
      (microsoft.public.win2000.ras_routing)
    • Re: Internal caching-only DNS - right way to go?
      ... Every network I've ever setup is like ... initiated the zone transfer, and not viceversa. ...
      (microsoft.public.win2000.dns)
    • Re: Emailing web form information to me
      ... have a default folder such as "public_html" that you are supposed to upload ... if you can map a drive to your ... In the Map Network Drive dialog box, ... network location, and then click Next. ...
      (microsoft.public.publisher.webdesign)
    • Re: Unable to map to remote share XP Pro --> XP Pro
      ... I can now map network drives as long as the PCs are ... the domain and the PDC is online I can map drives without issue. ... I have encountered exactly the same problem after updating to SP3. ...
      (microsoft.public.windowsxp.network_web)
    • Quantcast