Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] Again: zone transfers, a spammer's dream?

from [Jorrit Kronjee] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] Again: zone transfers, a spammer's dream?
Date: Wed, 29 Dec 2004 19:49:46 +0100
Ralf Glauberman wrote: 
Hello all,
after Lode Vermeiren having published on the 7th of December that many
tlds are transferable I did further research on this. Much to my
surprise this wasn't just a problem of little states. i did a complete
scan on all tlds (http://data.iana.org/TLD/tlds-alpha-by-domain.txt)
including every soa and ns server. i got results from 141 out of the
258 checked tlds. i din't check every single output, but there are not
more than 10 false-positives within these. while the ca zone is secure
now, i was really surprised that be (~ 42 MB, ~ 900.000 records) and
fi (~ 11 MB, ~ 235.000 records) are transferable.
all in all, i found that the following tlds are transferable (also
there might be some false-positives):

arpa being one of those false positives (it's hardly exploitable by spammers anyway).

Although only a few nameservers of the tld allow zone transfers - and you really have to look for them - it really amazes me that these nameservers aren't properly configured.

I'm just glad I don't live in any of these countries.

Jorrit

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-Disclosure] Re: new phpBB worm affects 2.0.11, Paul Laudanski
Next by Date:  Re: [Full-Disclosure] And you're proud of this Mike Evanchick?, Ill will
Previous by Thread:  [Full-Disclosure] Microsoft Windows LoadImage API Integer buffer overflow patch., Artur Byszko
Next by Thread:  Re: [Full-Disclosure] Again: zone transfers, a spammer's dream?, xyberpix
Indexes:  [Date] [Thread] [Top] [All Lists]