None of this is really magic, and is publicly available via a variety of sources...
> I would like to know what techniques can Intruders > use to obtain a lists > of hostname and attack them with exploits code? > For example, a huge list like: > www.foo.com > www.bar.com Scanning, mostly. Also, DNS zone transfers, but many times it's just plugging a class C or B address range into a scanner and hitting enter. > And so on. Also, they can have a lists with certain > criteria in common > (os, httpdver) and do a more selective attack. I > want to know how they > can obtain hostnames asnd create a huge database for > potencial host victims? Besides the usual scanning techniques, throw Googling and searches via Netcraft for httpd's into the mix. ===== ------------------------------------------------------------------------ Harlan Carvey, CISSP "Windows Forensics and Incident Recovery" http://www.windows-ir.com http://groups.yahoo.com/group/windowsir/ ------------------------------------------------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html