On Mon, 2 Nov 1998 [EMAIL PROTECTED] wrote:
> I recently got a message from someone that went something like this:
>
> "Hello, it seems that one of your customers is having trouble sending
> mail. I think I could offer a suggestion. Let's take a look at the way you
> have your MX records set up.."
>
> The sender then proceeded to give detailed information almost as though
> he'd catted the zone file on our DNS server. It included what the MX
> records were for a given systems and which server were CNAMEd to which.
> The advice was helpfull and indeed correct solving the problem shortly
> thereafter. I, however, had no idea you could get that much information on
> a system remotely. I mailed this person back and have gotten no response.
> I can't help but be a little suspicious of this although the idea of a
> benevolent cracker out there is an amusing thought. =:) I'm sure there's a
> legitimate way to get information like this, but outside of nslookup and
> whois I don't know how our helper friend could have gotten so much
> information about our systems.
>
> ...so here's my question: How'd he do it? =:)
The simplest way IHO, and the one I use myself when I see a problem like
that in other people's systems would be to configure my dns server as a
slave/secondary of your domain, then reload the config, wait a few seconds
for it to pull the zone from your dns server, then start reading the local
backup file generated by my named for your zone.
This will get every record in one fell swoop, both A, MX, CNAME and all
the other ones including the SOA saying it's you I should tell about the
problem. (A good reason for putting the right info there)
--
Henrik Olsen, CNA, working on CNE.
URL=http://www.iaeste.dk/~henrik/
Get the rest there.
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
