Re: [Full-Disclosure] How to obtain hostname lists
Yes. That is the most common technique for worms and mass defacing. But there are docs that talk abou t selective mass penetration. For example, 3 years ago, you could take the list of attrition defaced archive and create a list of hostnames with potencial victims. A tequinique could be to read from a wordlist and then google each works and with help of lynx get hostnames. I want to know other choices (smarter). Thanks for your time. KF_lists wrote: its not hostname based... its IP based.. they use programs to randomly generate IP's. -kf fabio wrote: Hi. I would like to know what techniques can Intruders use to obtain a lists of hostname and attack them with exploits code? For example, a huge list like: www.foo.com www.bar.com And so on. Also, they can have a lists with certain criteria in common (os, httpdver) and do a more selective attack. I want to know how they can obtain hostnames asnd create a huge database for potencial host victims? Thanks in advance. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] How to obtain hostname lists
None of this is really magic, and is publicly available via a variety of sources... I would like to know what techniques can Intruders use to obtain a lists of hostname and attack them with exploits code? For example, a huge list like: www.foo.com www.bar.com Scanning, mostly. Also, DNS zone transfers, but many times it's just plugging a class C or B address range into a scanner and hitting enter. And so on. Also, they can have a lists with certain criteria in common (os, httpdver) and do a more selective attack. I want to know how they can obtain hostnames asnd create a huge database for potencial host victims? Besides the usual scanning techniques, throw Googling and searches via Netcraft for httpd's into the mix. = Harlan Carvey, CISSP Windows Forensics and Incident Recovery http://www.windows-ir.com http://groups.yahoo.com/group/windowsir/ ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] How to obtain hostname lists
A tequinique could be to read from a wordlist and then google each works and with help of lynx get hostnames. I want to know other choices (smarter). Google hacking. Netcraft. Nmap scanning, or using a similar tool that collects banners from the specific services you're targetting. = Harlan Carvey, CISSP Windows Forensics and Incident Recovery http://www.windows-ir.com http://groups.yahoo.com/group/windowsir/ ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] How to obtain hostname lists
Umm... ~pingywon MCSE http://www.pingywon.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of fabio Sent: Tuesday, September 28, 2004 11:33 To: Full-Disclosure Subject: [Full-Disclosure] How to obtain hostname lists Hi. I would like to know what techniques can Intruders use to obtain a lists of hostname and attack them with exploits code? For example, a huge list like: www.foo.com www.bar.com And so on. Also, they can have a lists with certain criteria in common (os, httpdver) and do a more selective attack. I want to know how they can obtain hostnames asnd create a huge database for potencial host victims? Thanks in advance. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.768 / Virus Database: 515 - Release Date: 9/22/2004 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.768 / Virus Database: 515 - Release Date: 9/22/2004 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE:[Full-Disclosure] How to obtain hostname lists
Fab, One kewl way is to open a website like Nakedladies.com and log all the visiting IP's! Kewl huh! Do you need someone to write some code also? thank you Randall M |--__--__-- | |Message: 4 |Date: Tue, 28 Sep 2004 09:32:37 -0600 |From: fabio [EMAIL PROTECTED] |To: Full-Disclosure [EMAIL PROTECTED] |Subject: [Full-Disclosure] How to obtain hostname lists | |Hi. | |I would like to know what techniques can Intruders use to |obtain a lists of hostname and attack them with exploits code? |For example, a huge list like: |www.foo.com |www.bar.com | |And so on. Also, they can have a lists with certain criteria |in common (os, httpdver) and do a more selective attack. I |want to know how they can obtain hostnames asnd create a |huge database for potencial host victims? | |Thanks in advance. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html