Re: question regarding nessus plug-in 10595 DNS AXFR

From: Ariel Martinez (ariel@muiscas.udea.edu.co)
Date: Tue Feb 24 2004 - 20:06:48 EST

• Next message: Travis Schack: "Re: question regarding nessus plug-in 10595 DNS AXFR"
• Previous message: ma1ler_deamon: "Re: manipulating query strings"
• In reply to: cissper: "question regarding nessus plug-in 10595 DNS AXFR"
• Next in thread: Travis Schack: "Re: question regarding nessus plug-in 10595 DNS AXFR"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Tue, 24 Feb 2004, cissper wrote:

[...]

> In one of my scans, nessus reported a vulnerability allowing DNS zone
> transfers (see below). I have tried to verify this vulnerability
> manually with nslookup and other tools. Apparently a manual DNS zone
> transfer did not work! So I am just wondering if anybody knows what this
> plug-in is exactly doing. I am not yet familiar with the scripting
> language used.

I guess plugin tried an AXFR for a reverse zone not for a forward zone.
You can try dig(1) or host(1) from bind-utils to get the whole reverse
zone for 192.168.1.*:

$ dig @dns-server 1.168.192.in-addr.arpa axfr # You can append +notcp to
force udp query.
 
$ host -l 1.168.192.in-addr.arpa dns-server

--
Ariel Martinez.
---------------------------------------------------------------------------
----------------------------------------------------------------------------

• Next message: Travis Schack: "Re: question regarding nessus plug-in 10595 DNS AXFR"
• Previous message: ma1ler_deamon: "Re: manipulating query strings"
• In reply to: cissper: "question regarding nessus plug-in 10595 DNS AXFR"
• Next in thread: Travis Schack: "Re: question regarding nessus plug-in 10595 DNS AXFR"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:49 EDT