
| Subject: | Re: [Full-Disclosure] Again: zone transfers, a spammer's dream? |
|---|---|
| Date: | Thu, 30 Dec 2004 09:33:32 +0000 |

Hey Ralf,

You beat me to it. After Lode's post, I was gradually going through them all, but time was not on my side, and well, I only managed to get to MIL, but I can confirm that from AC-MIL are not false positives, as I have the same ones.

As for what to think about this, well, it is rather worrying, and should be stopped, but what would be a good way to go about getting this sorted out? Wonder if it would be worthwhile filing something on bugtraq to get it out there. Yeah, I know that things on there aren't usually this big, but it may force the admins to do something about it?

If you want to discuss this further off the list, feel free to mail me direct.

xyberpix

On Wed, 2004-12-29 at 17:32 +0100, Ralf Glauberman wrote:

> Hello all,
>
> after Lode Vermeiren having published on the 7th of December that many tlds are transferable I did further research on this. Much to my surprise this wasn't just a problem of little states. I did a complete scan on all tlds (http://data.iana.org/TLD/tlds-alpha-by-domain.txt) including every soa and ns server. I got results from 141 out of the 258 checked tlds. I didn't check every single output, but there are not more than 10 false-positives within these. While the ca zone is secure now, I was really surprised that be (~ 42 MB, ~ 900.000 records) and fi (~ 11 MB, ~ 235.000 records) are transferable. All in all, I found that the following tlds are transferable (also there might be some false-positives):
>
> AC AD AG AL AN AO AR ARPA BA BD BE BF BG BI BJ BM BN BO BS BT BV BW CF CI CK CM CU CV CY DJ DZ EC EE EG ER ES ET FI FJ FK FM GA GB GD GE GH GL GN GP GQ GS GT GU GW GY HN IL IN INT IO JM JO KE KG KH KI KM KN KR KY KZ LB LC LK LR LY MA MC MD MG MH MIL MM MN MR MS MT MUSEUM MW MX MY MZ NA NC NE NG NI NP OM PE PG PK PY SG SH SJ SK SM SN SO SR ST SU SV SZ TC TD TH TJ TM TN TO TP TR TT TZ UA UG UK UM UY VA VC VE VG VI VU YE YU ZA ZW
>
> So, here comes the old question: What do you think about this?
>
> Best regards,
> Ralf Glauberman
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

--
For Security and Open Source news and tips visit: http://www.xyberpix.com
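
Added example, not part of the original thread or written by either poster: when auditing your own authoritative servers, the "false positives" mentioned above can be separated from real open transfers by inspecting the first DNS message of the AXFR reply, since a genuine transfer always begins with the zone's SOA record. The function names, the `example.test` zone and the sample replies are constructed for illustration.

```python
import struct

SOA, A, AXFR, IN = 6, 1, 252, 1
RCODES = {1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED", 9: "NOTAUTH"}

def encode_name(zone):
    """Encode 'example.test' as length-prefixed labels ending in a zero byte."""
    labels = [p for p in zone.strip(".").split(".") if p]
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:      # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + n

def classify_axfr_reply(msg):
    """Classify the first DNS message of an AXFR reply (TCP length prefix removed)."""
    if len(msg) < 12:
        return "malformed"
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    rcode = flags & 0x000F
    if rcode:
        return "denied:" + RCODES.get(rcode, str(rcode))
    if an == 0:
        return "no-data"          # NOERROR but nothing transferred
    try:
        off = 12
        for _ in range(qd):       # skip each question: name + QTYPE + QCLASS
            off = skip_name(msg, off) + 4
        off = skip_name(msg, off) # owner name of the first answer record
        (rtype,) = struct.unpack("!H", msg[off:off + 2])
    except (IndexError, struct.error):
        return "malformed"
    # A genuine zone transfer always starts with the zone's SOA record.
    return "transfer-open" if rtype == SOA else "unexpected-answer"

def constructed_reply(zone, rcode=0, first_type=None):
    """Build a constructed sample reply (empty RDATA); not captured traffic."""
    flags = 0x8400 | rcode        # QR=1, AA=1
    msg = struct.pack("!6H", 0x1234, flags, 1, 1 if first_type else 0, 0, 0)
    msg += encode_name(zone) + struct.pack("!HH", AXFR, IN)
    if first_type:                # owner = pointer to the question name at offset 12
        msg += b"\xc0\x0c" + struct.pack("!HHIH", first_type, IN, 3600, 0)
    return msg
```

Only a `transfer-open` result indicates a server that needs its transfer ACL tightened; `denied:*`, `no-data` and `unexpected-answer` are the cases a naive "got a response" check would miscount.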