Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: [PEN-TEST] DNS testing tool

Re: [PEN-TEST] DNS testing tool

From: Noel Rosenberg <nrosen04_at_EMERALD.TUFTS.EDU>
Date: Wed, 7 Mar 2001 17:03:29 -0500

On Wed, 7 Mar 2001, Laura Nuņez wrote:
| I have this, by the moment
| - Disable Zone Transfers
| - Assign reverse DNS to only those host that require it

I would amend this to something like "Assign only uniformative reverse DNS
to all hosts that don't require it."

I allways asign rDNS for all hosts. However, most are of the form
hxxx-yyy.example.com , where xxx is the subnet and yyy is the last octet.

Ex: h144-120.example.com would be vvv.www.144.120

| - Split DNS for internal hosts

If by this you mean seperate internal and external DNS, then yes, with
more informative DNS and rDNS on the internal system.

| - Apply fixes, version upgrades to avoid known
| vulnerabilities
| - Don't include additional info records,

---Noel Rosenberg
---noel.rosenberg_at_tufts.edu
---"Not the handsome actor...
--- who plays the hero's role." - _Nobody's Hero_ - Rush
Received on Mar 07 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos