{"title":"基于搜索引擎的区域转移错误配置研究","authors":"Yin Minn Pa Pa, K. Yoshioka, Tsutomu Matsumoto","doi":"10.1109/ASIAJCIS.2013.16","DOIUrl":null,"url":null,"abstract":"This study proposes how to investigate the existence of misconfigurations of zone transfer in any level of domain name system hierarchy using search engine based approach without the need to look at the zone file. The analysis has been conducted on 1,284 authoritative name servers of 314 top-level domains and 46,416 authoritative name servers of second level domain of 249 country code top-level domains. In case of top-level domains investigation, 84 name servers authoritative to answer for 53 top-level domains are misconfigured and allow zone transfer to us. In case of second level domains investigation, 5,394 authoritative name servers authoritative to answer for 6,234 second-level domains allow zone transfer. In particular, we found a serious misconfiguration case where the misconfigured DNS server was authoritative for not only its TLD but also SLD and lower level, exposing 83 % the DNS related information of the country to the public.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"46 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Search Engine Based Investigation on Misconfiguration of Zone Transfer\",\"authors\":\"Yin Minn Pa Pa, K. Yoshioka, Tsutomu Matsumoto\",\"doi\":\"10.1109/ASIAJCIS.2013.16\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This study proposes how to investigate the existence of misconfigurations of zone transfer in any level of domain name system hierarchy using search engine based approach without the need to look at the zone file. The analysis has been conducted on 1,284 authoritative name servers of 314 top-level domains and 46,416 authoritative name servers of second level domain of 249 country code top-level domains. In case of top-level domains investigation, 84 name servers authoritative to answer for 53 top-level domains are misconfigured and allow zone transfer to us. In case of second level domains investigation, 5,394 authoritative name servers authoritative to answer for 6,234 second-level domains allow zone transfer. In particular, we found a serious misconfiguration case where the misconfigured DNS server was authoritative for not only its TLD but also SLD and lower level, exposing 83 % the DNS related information of the country to the public.\",\"PeriodicalId\":286298,\"journal\":{\"name\":\"2013 Eighth Asia Joint Conference on Information Security\",\"volume\":\"46 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-07-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 Eighth Asia Joint Conference on Information Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ASIAJCIS.2013.16\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 Eighth Asia Joint Conference on Information Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ASIAJCIS.2013.16","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Search Engine Based Investigation on Misconfiguration of Zone Transfer
This study proposes how to investigate the existence of misconfigurations of zone transfer in any level of domain name system hierarchy using search engine based approach without the need to look at the zone file. The analysis has been conducted on 1,284 authoritative name servers of 314 top-level domains and 46,416 authoritative name servers of second level domain of 249 country code top-level domains. In case of top-level domains investigation, 84 name servers authoritative to answer for 53 top-level domains are misconfigured and allow zone transfer to us. In case of second level domains investigation, 5,394 authoritative name servers authoritative to answer for 6,234 second-level domains allow zone transfer. In particular, we found a serious misconfiguration case where the misconfigured DNS server was authoritative for not only its TLD but also SLD and lower level, exposing 83 % the DNS related information of the country to the public.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
