Security Basics mailing list archives
Re: Dns info mapping
From: Paulo Abrantes <ghostrider () box sk>
Date: Wed, 11 Dec 2002 20:08:10 +0000
On Tue, 10 Dec 2002 21:41:44 +0100 Jarod <jarlin () ifrance com> wrote:
On Monday 02 December 2002 23:43, svetsanj () hotmail com wrote:Are their any tools that will take a zone transfer dump and map a network out of it? I usually come across clients who allow zone transfers and we are able to see names of all their servers and IP info. It is possible to draw quiet a detailed network map from this info. Are their any tools that do this? SKPTo map you must see the interconnexion between the hosts no ? seems to be a little bit hard without "internal view" if I'm correct me
I do agree with everything you say Jarod, though when SKP says that he has access to zone transfer of certain DNS servers. I would believe that those zone transfers were just regarding the public network of that network. If that's the case a bash script using traceroute might do the job to map it. But there's always the firewalls, the NAT gateways, and well, the idea that you had of private networks being also dumped in the zone transfer, which I think it's highly improbable, since a sane sysadmin, would have at least 2 DNS servers, one for it's public network and other for the private network. Though we always have to think in everything. Regards, Paulo Abrantes ++++++++++++++++++++++++++++++++++++++++ Computer Science Student @ Instituto Superior Tecnico (http://www.ist.utl.pt) "A language that doesn't affect the way you think about programming is not worth knowing." ++++++++++++++++++++++++++++++++++++++++
Current thread:
- Dns info mapping svetsanj (Dec 03)
- Re: Dns info mapping Jarod (Dec 10)
- Re: Dns info mapping Paulo Abrantes (Dec 12)
- <Possible follow-ups>
- RE: Dns info mapping Raghu Chinthoju (Dec 11)
- RE: Dns info mapping Garbrecht, Frederick (Dec 12)
- Re: Dns info mapping Jarod (Dec 10)