From: Jamie Riden (jamie.riden@gmail.com)
Date: Thu Mar 13 2008 - 04:45:27 EST
On 12/03/2008, xx yy <thenucker2004@yahoo.com> wrote:
> During some research I came across some server that have anonymous Zonetransfer (AXFR) allowed.
>
> Is there a working attack for a DNS server that has anonymous Zonetransfer (AXFR) allowed ?
It's only an information disclosure vulnerability, so the best you can
do is look at things like the network structure, the hostnames and try
to infer from them. For example, a lot of places give CNAMES for
functionality such as mail, www, smtp, pop3, xxx-db (for database),
etc.
You can also have a look at the distribution of the hosts within the
IP space of the company. Are there gaps? If so, are there computers
there without DNS records? etc. etc.
cheers,
Jamie
-- Jamie Riden / jamesr@europe.com / jamie@honeynet.org.uk UK Honeynet Project: http://www.ukhoneynet.org/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:27 EDT