Full Disclosure mailing list archives
Re: Again: zone transfers, a spammer's dream?
From: xyberpix <xyberpix () xyberpix com>
Date: Thu, 30 Dec 2004 09:33:32 +0000
Hey Ralf,

You beat me to it, after Lode's post, I was gradually going through them all, but time was not on my side, and well, I only managed to get to MIL, but I can confirm that from AC-MIL are not false positives, as I have the same ones.

As for what to think about this, well, it is rather worrying, and should be stopped, but what would be a good way to go about getting this sorted out? Wonder if it would be worthwhile filing something on bugtraq to get it out there, yeah I know that things on there aren't usually this big, but it may force the admins to do something about it?

If you want to discuss this further off the list feel free to mail me direct.

xyberpix

On Wed, 2004-12-29 at 17:32 +0100, Ralf Glauberman wrote:
Hello all,

after Lode Vermeiren having published on the 7th of December that many TLDs are transferable I did further research on this. Much to my surprise this wasn't just a problem of little states. I did a complete scan on all TLDs (http://data.iana.org/TLD/tlds-alpha-by-domain.txt) including every SOA and NS server. I got results from 141 out of the 258 checked TLDs. I didn't check every single output, but there are not more than 10 false-positives within these. While the ca zone is secure now, I was really surprised that be (~ 42 MB, ~ 900.000 records) and fi (~ 11 MB, ~ 235.000 records) are transferable. All in all, I found that the following TLDs are transferable (also there might be some false-positives):

AC AD AG AL AN AO AR ARPA BA BD BE BF BG BI BJ BM BN BO BS BT BV BW CF CI CK CM CU CV CY DJ DZ EC EE EG ER ES ET FI FJ FK FM GA GB GD GE GH GL GN GP GQ GS GT GU GW GY HN IL IN INT IO JM JO KE KG KH KI KM KN KR KY KZ LB LC LK LR LY MA MC MD MG MH MIL MM MN MR MS MT MUSEUM MW MX MY MZ NA NC NE NG NI NP OM PE PG PK PY SG SH SJ SK SM SN SO SR ST SU SV SZ TC TD TH TJ TM TN TO TP TR TT TZ UA UG UK UM UY VA VC VE VG VI VU YE YU ZA ZW

So, here comes the old question: What do you think about this?

Best regards,
Ralf Glauberman

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
--
For Security and Open Source news and tips visit: http://www.xyberpix.com
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Again: zone transfers, a spammer's dream? Ralf Glauberman (Dec 29)
- Re: Again: zone transfers, a spammer's dream? Jorrit Kronjee (Dec 29)
- Re: Again: zone transfers, a spammer's dream? xyberpix (Dec 31)