lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon Oct 24 22:33:55 2005
From: trains at doctorunix.com (trains@...torunix.com)
Subject: vhost enumeration

Quoting unknown unknown <unknown.pentester@...il.com>:


> I'm very interested in the idea of finding vhosts given an IP address. So
> far, the only way to do this is by querying open source facilities such as
> search engines and online statistic databases.
>

I think a zone transfer would be the only authoritative resource.  
Anything else is some degree of guesswork and is bound to miss unlinked 
sites ,etc.   there are still lots of older DNS servers out there which 
allow zone xfers, but the number is shrinking every day.   Check all 
the secondary, tertiary, etc servers.


t

-------------------------------------------------
Email solutions, MS Exchange alternatives and extrication,
security services, systems integration.
Contact:    services@...torunix.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ