Seattle based special interest group for system and network administrators.
ATTACK 01
***** plain user ***** (after a short bit of nosing around with a web browser and a few polite mail lookups in the online mail servers I know that the target has a subdomain of TARGET.DOMAIN.COM. I have not TOUCHED any of thier hosts in anyway as yet. The host gladsheim is my own system (Sparc 5/85 with Solaris 2.5). I have set up a fake dns system to echo back an obvioulsy false dns reverse lookup of YOU.GOT.ME.xxxxx.xxx.xxx. But, they never got that far. So now the FUN begins...) [gladsheim:/home/leeland] leeland $ nslookup Default Server: gladsheim.YOU.GOT.ME.xxxxx.xxx.xxx Address: 393.303.100.1 > set type=MX > domain.com Server: gladsheim.YOU.GOT.ME.xxxxx.xxx.xxx Address: 393.303.100.1 Non-authoritative answer: domain.com preference = 10, mail exchanger = mx1.domain.com domain.com preference = 10, mail exchanger = mx2.domain.com Authoritative answers can be found from: OTHER.DOMAIN.COM nameserver = ns.mun.com OTHER.DOMAIN.COM nameserver = lori.COMPUTING.DOMAIN.COM OTHER.DOMAIN.COM nameserver = shirly.COMPUTING.DOMAIN.COM mx1.domain.com internet address = 278.346.32.6 mx2.domain.com internet address = 278.346.33.5 ns.mun.com internet address = 428.444.444.101 lori.COMPUTING.DOMAIN.COM internet address = 278.346.35.1 shirly.COMPUTING.DOMAIN.COM internet address = 278.346.36.1
