lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040723203246.GA26952@h8000.serverkompetenz.net>
From: nils at druecke.strg-alt-entf.org (Nils Ketelsen)
Subject: Question for DNS pros

On Fri, Jul 23, 2004 at 12:32:28PM -0500, Paul Schmehl wrote:
> Can this be done?
> 
> Conditions:
> 1) You know an IP address that is running a DNS server.  (IOW, it responds 
> to digs.)
> 2) You do not know the hostname or domain of the host.
> 3) The DNS server does not allow zone transfers.
> 
> You want to find out *all* the domains that that DNS server is 
> authoritative for.  (Essentially you're trying to find out what's in the 
> named.conf file rather than zone file info.)

Florian Weimer has an interesting project for exactly that. By analyzing all
request and replies to a resolver and writing the results into a database he
gets a system to allow this kind of inverse-queries (I avoid using the term
reverse queries because of the confusion this might cause with reverse
lookups).

Basically this allows you to say "for what hosts did I get replies from the
nameser xyz?". This does not give you all zones of the nameserver, but only
those which at least were requested once by the resolver you are looking at.
Given enough resolvers gathering this data this might allow a fairly big
overview though. 

I do not know wether is tool is available to the public yet, though. Maybe
he can say something about it (Florian is also reading here). I have not yet
figured out, what I might use this tool for, but I think it will allow for
interesting things regarding filtering solutions. And it is a nice hack.


Nils
-- 
Gibt's eigentlich auch schon emacs-Einbauk?chen?

[nico.hoffmann@...sik.tu-chemnitz.de (Nico Hoffmann)
zum Thema "vi-Tassen" in de.alt.arnooo]


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ