I have also seen a few organizations that list their hosts based on the primary user of that host. When enumerating network admins, you can easily identify where the juicy targets are. :)
On Wed, Apr 24, 2013 at 10:27 AM, James Costello <[email protected]>wrote: > Main reason - organizations naming their servers based on installed > software or purpose instead of by some other naming scheme > goofy.corp.local doesn't mean the same as internalcms.corp.local > Focus your attacks > Also, who is actively watching their DNS logs on their internal servers? > > > On Wed, Apr 24, 2013 at 8:20 AM, Josh More <[email protected]> wrote: > >> There are many reasons. I do it during engagements to find "test" >> servers and older servers. These are often not behind WAFs and not >> updated, so they can be weaker targets. From there, it's pivot, pivot, >> pivot. >> >> -Josh More >> >> >> On Wed, Apr 24, 2013 at 3:30 AM, Jason Long <[email protected]> wrote: >> >>> Hello Folks. >>> I look at Kali Linux and saw a part about DNS gathering information, Why >>> a hacker must do DNS walk? >>> >>> Thanks. >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Jason Frank
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
