lug-bg: Fwd: [net] com and net zone wildcard records
- Subject: lug-bg: Fwd: [net] com and net zone wildcard records
- From: Борис Йорданов <borj@xxxxxxxxx>
- Date: Tue, 16 Sep 2003 15:54:42 +0300
To Boyan Krosnov: I hope you don't mind that I'm posting this here. I think it will be of interest to the group.
--- Begin Message ---
- Subject: [net] com and net zone wildcard records
- From: "Boyan Krosnov" <bkrosnov@xxxxxxxx>
- Date: Tue, 16 Sep 2003 15:07:47 +0300
- Delivered-to: borj@xxxxxxxxxxxxxxxxx
- Delivered-to: GMX delivery to borj@xxxxxxxxx
- Delivered-to: mailing list net@xxxxxxxxxxx
- Mailing-list: contact net-help@xxxxxxxxxxx; run by ezmlm
- Thread-topic: com and net zone wildcard records
As of this morning, Verisign returns an A record for every name in an
unregistered domain in the .com and .net TLD zones.
Example:
boyan@marla:~/web/stuff$ dig www.boyan-krosnov.com @a.gtld-servers.net
; <<>> DiG 9.2.1 <<>> www.boyan-krosnov.com @a.gtld-servers.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56575
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13
;; QUESTION SECTION:
;www.boyan-krosnov.com. IN A
;; ANSWER SECTION:
www.boyan-krosnov.com. 900 IN A 64.94.110.11
------------------------- etc.
This is a terrible idea and it breaks several fundamentally important things. The first
ones that come to mind:
1. A domain with two MX records. The MX record with the higher priority has a
misspelled name, for example
ludost.net. MX 10 mx1.ladost.net
ludost.net. MX 20 mx2.ludost.net
Until now this setup has worked despite the spelling mistake in the
configuration. Now all mail for ludost.net will go to
mx1.ladost.net -> 64.91.110.11 and will be dropped there.
2. Until now in the SMTP protocol, when someone tries to introduce themselves with
HELO using a name that does not exist, the connection is dropped. Now every
name in .com and .net exists. Likewise, the domain or host name from the
envelope-from address (the RCPT TO: command) is required to exist.
Now every made-up host in .com and .net exists.
3. WPAC (web proxy auto-configuration). Imagine a Windows 2000 PC with the
configured domain ahglhdskjg.com and the name alabala.ahglhdskjg.com. With
the default settings the PC will ask for an A record for
wpac.ahglhdskjg.com, then it will try to connect to that machine and
download a file for automatic proxy configuration.
Well, now it is possible for Verisign (or whoever hacks their web server) to
configure whatever proxy suits them on all machines with
default settings and a nonexistent domain.
4. A security hole in this web server 64.91.110.11 automatically gives the
attacker the ability to break into millions of systems around the world
(Windows machines with unpatched Internet Explorers). Congratulations on the doom of the
Internet.
5. At the moment they are not doing anything specific with all the other packets and
connections that accidentally end up there (for now they handle only HTTP and
SMTP), but nothing stops them from starting to handle, for example, POP3 and
stealing the passwords of users who type the name of their mail server
incorrectly. This is a huge breach of the privacy of all of us.
6. The web server and SMTP software running at this address is not
bug-free. I have already seen cross-site scripting through the HTTP server there, and the SMTP
server is in total violation of a whole pile of RFCs.
------------------------------------------------------
The question is what we should do, and this time I won't tell you what I am thinking of
doing, so as not to tilt the discussion in one direction or another.
BR,
Boyan Krosnov, CCIE#8701 and more
just another techie speaking for himself
--- End Message ---
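An added example, not part of the forwarded message: one way a mail server could detect a TLD wildcard answer and treat it as nonexistent, applied to the MX case in point 1. The resolver, the function names and the 192.0.2.20 address are constructed stand-ins so the code runs offline; the wildcard address is the one from the dig output.

```python
import secrets

WILDCARD_ADDR = "64.94.110.11"              # A record from the dig output above
ZONE = {"mx2.ludost.net": ["192.0.2.20"]}   # constructed: the one real host

def fake_resolve(name):
    """Constructed offline resolver: unknown .com/.net names get the wildcard."""
    name = name.rstrip(".").lower()
    if name in ZONE:
        return list(ZONE[name])
    if name.endswith((".com", ".net")):
        return [WILDCARD_ADDR]
    return []                               # NXDOMAIN elsewhere

def wildcard_addrs(tld, resolve, probes=3):
    """Addresses returned for every random (certainly unregistered) name."""
    common = None
    for _ in range(probes):
        addrs = set(resolve(f"{secrets.token_hex(16)}.{tld}"))
        common = addrs if common is None else common & addrs
    return common or set()

def usable_mx(mx_records, resolve):
    """MX hosts that really exist, best preference first."""
    wild, usable = {}, []
    for pref, host in sorted(mx_records):
        tld = host.rstrip(".").rsplit(".", 1)[-1]
        if tld not in wild:
            wild[tld] = wildcard_addrs(tld, resolve)   # probe each TLD once
        # Drop answers equal to the wildcard: the name is really unregistered.
        addrs = [a for a in resolve(host) if a not in wild[tld]]
        if addrs:
            usable.append((pref, host, addrs))
    return usable

if __name__ == "__main__":
    mx = [(10, "mx1.ladost.net"), (20, "mx2.ludost.net")]
    print(usable_mx(mx, fake_resolve))
```

The same filtered lookup can back the HELO and envelope-sender existence checks from point 2; a real deployment would pass a function that queries its own resolver in place of fake_resolve.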