nslookup can perform zone transfers. Syntax:
c:\>nslookup <domain.com>
-default server: <corp-dns.domain.com>
-address: 196.254.0.1
>ls -d <domain.com>
This will allow a zone transfer (no null session needed) unless (in 2000)
Services and Applications\DNS\[server name]\Forward Lookup
Zones\[zone-name]\properties, then zone transfers tab, "Allow zone
transfers" checked and "to any server" is not radioed. In NT 4.0, this
function is performed I believe with a registry hack in the DNS services
area, not sure of the specifics, though.
-----Original Message-----
From: Stacy M. Williams [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 10, 2001 6:13 PM
To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]';
'[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
Subject: MS DNS Zone Transfer Exploit
Is anyone aware of a Microsoft DNS Zone Transfer Exploit
that would allow a forced zone transfer within DNS?
Any information available, or security alert on the subject
would be very helpful.
Thanks.
Stacy
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
