-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 24 Jul 00, at 22:54, Chris, the Young One wrote:
> ! > Wrong. You can perform zone transfers on MAPS' nameservers :-)
> ! > That'll give you the entire list.
> !
> ! Without signing the document?
>
> Yes. DJB has posted on [EMAIL PROTECTED] a side-channel means of
> getting it, by exploiting BIND features (which don't include AXFR,
> despite Ricardo's use of the words ``zone transfers'').
Do you mean the same one as I do? That one doesn't do anything
else than "bruteforce-downloading" the entire zone on host-by-host
basis (the only "speedups" come from the possibility of having the
entire /24, /16 or even /8 network blacklisted).
I'd like to hear any definite statement about plausibility of this
"pseudo zone transfer"; it's certainly beyond my Internet
connection limits (64kb, pair per byte transferred). (Even the mere
idea of spawning 2^32 grep's is beyond my comprehension.)
In other words, did anyone actually try?
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBOXwT81MwP8g7qbw/EQJabACg4W+fg6Vvxrj6eGnA/MX5L+OSZQsAoKiM
QJXavXP4/vm15TFju57z+A0V
=9+eH
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
