lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: xyberpix at xyberpix.com (xyberpix)
Subject: Again: zone transfers, a spammer's dream?

Hey Ralf,

You beat me to it, after Lode's post, I was gradually going through them
all, but time was not on my side, and well, I only managed to get to
MIL, but I can confirm that from AC-MIL are not false positives, as I
have the same one's.
As for what to think about this, well, it is rather worrying, and should
be stopped, but what would be a good way to go about getting this sorted
out?
Wonder if it would be worthwhile filing something on bugtraq to get it
out there, yeah I know that things on there aren't usually this big, but
it may force the admins to do something about it?
If you want to discuss this further off the list feel free to mail me
direct.

xyberpix

On Wed, 2004-12-29 at 17:32 +0100, Ralf Glauberman wrote:
> Hello all,
> after Lode Vermeiren having published on the 7th of December that many
> tlds are transferable I did further research on this. Much to my
> surprise this wasn't just a problem of little states. i did a complete
> scan on all tlds (http://data.iana.org/TLD/tlds-alpha-by-domain.txt)
> including every soa and ns server. i got results from 141 out of the
> 258 checked tlds. i din't check every single output, but there are not
> more than 10 false-positives within these. while the ca zone is secure
> now, i was really surprised that be (~ 42 MB, ~ 900.000 records) and
> fi (~ 11 MB, ~ 235.000 records) are transferable.
> all in all, i found that the following tlds are transferable (also
> there might be some false-positives):
> AC
> AD
> AG
> AL
> AN
> AO
> AR
> ARPA
> BA
> BD
> BE
> BF
> BG
> BI
> BJ
> BM
> BN
> BO
> BS
> BT
> BV
> BW
> CF
> CI
> CK
> CM
> CU
> CV
> CY
> DJ
> DZ
> EC
> EE
> EG
> ER
> ES
> ET
> FI
> FJ
> FK
> FM
> GA
> GB
> GD
> GE
> GH
> GL
> GN
> GP
> GQ
> GS
> GT
> GU
> GW
> GY
> HN
> IL
> IN
> INT
> IO
> JM
> JO
> KE
> KG
> KH
> KI
> KM
> KN
> KR
> KY
> KZ
> LB
> LC
> LK
> LR
> LY
> MA
> MC
> MD
> MG
> MH
> MIL
> MM
> MN
> MR
> MS
> MT
> MUSEUM
> MW
> MX
> MY
> MZ
> NA
> NC
> NE
> NG
> NI
> NP
> OM
> PE
> PG
> PK
> PY
> SG
> SH
> SJ
> SK
> SM
> SN
> SO
> SR
> ST
> SU
> SV
> SZ
> TC
> TD
> TH
> TJ
> TM
> TN
> TO
> TP
> TR
> TT
> TZ
> UA
> UG
> UK
> UM
> UY
> VA
> VC
> VE
> VG
> VI
> VU
> YE
> YU
> ZA
> ZW
> 
> so, here comes the old question: What do you think about this?
> 
> Best regards,
> Ralf Glauberman
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
-- 
For Security and Open Source news and tips visit:

http://www.xyberpix.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041230/6be87f2f/attachment.bin

Powered by blists - more mailing lists