Hello Henrik & All,
On Fri, 6 Nov 1998, Henrik Olsen wrote:
> On Mon, 2 Nov 1998 [EMAIL PROTECTED] wrote:
> > I recently got a message from someone that went something like this:
> >
> > "Hello, it seems that one of your customers is having trouble sending
> > mail. I think I could offer a suggestion. Let's take a look at the way you
> > have your MX records set up.."
> >
> > The sender then proceeded to give detailed information almost as though
> > he'd catted the zone file on our DNS server. It included what the MX
> > records were for a given systems and which server were CNAMEd to which.
> > The advice was helpfull and indeed correct solving the problem shortly
> > thereafter. I, however, had no idea you could get that much information on
> > a system remotely. I mailed this person back and have gotten no response.
> > I can't help but be a little suspicious of this although the idea of a
> > benevolent cracker out there is an amusing thought. =:) I'm sure there's a
> > legitimate way to get information like this, but outside of nslookup and
> > whois I don't know how our helper friend could have gotten so much
> > information about our systems.
> >
> > ...so here's my question: How'd he do it? =:)
>
> The simplest way IHO, and the one I use myself when I see a problem like
> that in other people's systems would be to configure my dns server as a
> slave/secondary of your domain, then reload the config, wait a few seconds
> for it to pull the zone from your dns server, then start reading the local
> backup file generated by my named for your zone.
> This will get every record in one fell swoop, both A, MX, CNAME and all
> the other ones including the SOA saying it's you I should tell about the
> problem. (A good reason for putting the right info there)
named-xfer -z 'somebodiesdomain' -f db.junk 'nameofnameserver'
Does the same thing ... ;-) , JimL
+-----------------------------------------------------------------------+
| James W. Laferriere - Network Engineer - [EMAIL PROTECTED] |
| System Techniques - 25416 - 22nd S. - Des-Moines, WA 98198 |
| Give me VMS -or- Give me Linux -but- only on AXP |
+-----------------------------------------------------------------------+
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
