Re: anonymous Zonetransfer (AXFR) exploitation

From: Jamie Riden (jamie.riden@gmail.com)
Date: Tue Mar 18 2008 - 14:48:12 EST


On 18/03/2008, Radu Oprisan <radu@securesystems.ro> wrote:
> LordDoskias wrote:
> >>
> >>
> > The best thing that I can think of is to use the information obtained
> > from the zone transfer. Perhaps some "private" hosts will come up that
> > you can look into? To my mind AXFR transfers should be considered as
> > part of the reconnaissance stage of a pen-test.
>
> Actually, they were, a long time ago.

Hmmm.. of course, everybody should know not to allow AXFR, but in
practice you will find a lot of systems which do.

(Murphy's law implies that if a misconfiguration is possible, it
exists somewhere on the internet. I got a complaint to abuse@ once
because we were "attacking" someone's domain controller on port 123.
Turns out he had promoted it to a stratum 1 NTP server and was seeing
a standard ntpd exchange being dropped by his firewall. Nothing
surprises me any more.)

cheers,
 Jamie

-- 
Jamie Riden / jamesr@europe.com / jamie@honeynet.org.uk
UK Honeynet Project: http://www.ukhoneynet.org/