| To: | pen-test@securityfocus.com |
|---|---|
| Subject: | Res: testing dns servers |
| From: | Marcos Aurelio Rodrigues <marsamp@yahoo.com.br> |
| Date: | Mon, 16 Apr 2007 04:43:38 -0700 (PDT) |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Domainkey-signature: | a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.br; h=X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=AtzUY7QPcX580ywJ3j2NKEACr3RVRMU3g6WMMe7LoqTVbk7COz4dcUNHCh0ybuG9QbArxFiqWNEdZKBwLVtkWsqZbRoTB9688nEIU3PiZegvECncHk3tqnmO26dFRmsvrbD6CNP31gRw9n1Yp/hqL4IiHrzX3YuIPUP2vO+lShI=; |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| Reply-to: | Marcos Aurelio Rodrigues <marsamp@yahoo.com.br> |
| Resent-date: | Mon, 16 Apr 2007 17:40:15 -0600 (MDT) |
| Resent-from: | pen-test-return-1078483974@securityfocus.com |
| Resent-message-id: | <20070416234015.00A601495E1@outgoing2.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
I think, to hide the version of your DNS its a good one. Marcos Aurelio Rodrigues (d319r4t1433) Pueri quod semper amat Dei ----- Mensagem original ---- De: Zhihao <zhihao@root.sg> Para: pen-test@securityfocus.com Enviadas: Domingo, 15 de Abril de 2007 3:49:37 Assunto: testing dns servers Hi, How would you guys test a dns server for holes? Here are some that i thought of.. 1. Make sure it does not allow recursive queries. 2. Make sure it does not allow zone transfers from unauthorized hosts. 3. Make sure it is not vulnerable to dns cache poisoning. Anything other vectors we could look at? Cheers. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ __________________________________________________ Fale com seus amigos de graça com o novo Yahoo! Messenger http://br.messenger.yahoo.com/ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: testing dns servers, bariswinston |
|---|---|
| Next by Date: | Re: Can we say Back|Track best CD for a Penetration Test, Rick Zhong |
| Previous by Thread: | testing dns servers, Zhihao |
| Next by Thread: | Re: Res: testing dns servers, Radu Oprisan |
| Indexes: | [Date] [Thread] [Top] [All Lists] |