| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: xyberpix at xyberpix.com (xyberpix) Subject: Again: zone transfers, a spammer's dream? Hey Ralf, You beat me to it, after Lode's post, I was gradually going through them all, but time was not on my side, and well, I only managed to get to MIL, but I can confirm that from AC-MIL are not false positives, as I have the same one's. As for what to think about this, well, it is rather worrying, and should be stopped, but what would be a good way to go about getting this sorted out? Wonder if it would be worthwhile filing something on bugtraq to get it out there, yeah I know that things on there aren't usually this big, but it may force the admins to do something about it? If you want to discuss this further off the list feel free to mail me direct. xyberpix On Wed, 2004-12-29 at 17:32 +0100, Ralf Glauberman wrote: > Hello all, > after Lode Vermeiren having published on the 7th of December that many > tlds are transferable I did further research on this. Much to my > surprise this wasn't just a problem of little states. i did a complete > scan on all tlds (http://data.iana.org/TLD/tlds-alpha-by-domain.txt) > including every soa and ns server. i got results from 141 out of the > 258 checked tlds. i din't check every single output, but there are not > more than 10 false-positives within these. while the ca zone is secure > now, i was really surprised that be (~ 42 MB, ~ 900.000 records) and > fi (~ 11 MB, ~ 235.000 records) are transferable. > all in all, i found that the following tlds are transferable (also > there might be some false-positives): > AC > AD > AG > AL > AN > AO > AR > ARPA > BA > BD > BE > BF > BG > BI > BJ > BM > BN > BO > BS > BT > BV > BW > CF > CI > CK > CM > CU > CV > CY > DJ > DZ > EC > EE > EG > ER > ES > ET > FI > FJ > FK > FM > GA > GB > GD > GE > GH > GL > GN > GP > GQ > GS > GT > GU > GW > GY > HN > IL > IN > INT > IO > JM > JO > KE > KG > KH > KI > KM > KN > KR > KY > KZ > LB > LC > LK > LR > LY > MA > MC > MD > MG > MH > MIL > MM > MN > MR > MS > MT > MUSEUM > MW > MX > MY > MZ > NA > NC > NE > NG > NI > NP > OM > PE > PG > PK > PY > SG > SH > SJ > SK > SM > SN > SO > SR > ST > SU > SV > SZ > TC > TD > TH > TJ > TM > TN > TO > TP > TR > TT > TZ > UA > UG > UK > UM > UY > VA > VC > VE > VG > VI > VU > YE > YU > ZA > ZW > > so, here comes the old question: What do you think about this? > > Best regards, > Ralf Glauberman > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html -- For Security and Open Source news and tips visit: http://www.xyberpix.com -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041230/6be87f2f/attachment.bin
Powered by blists - more mailing lists