//
you're reading...
howto, Linux, OpenSource, security

HOL GREEK ISP – DNS Misconfiguration Issue


It seems that HOL is Vulnerable to DNS AXFR Zone transfer for Primary, secondary and Tertiary Domain Zones (forward / reverse zones) from unauthorized IP networks.!

# dig @ns1.hol.gr hol.gr -t AXFR
; <> DiG 9.5.1-P2 <> @ns1.hol.gr hol.gr -t AXFR
; (1 server found)
;; global options: printcmd
hol.gr. 7200 IN SOA ns0.hol.gr. hostmaster.hol.gr. 2009052102 28800 7200 604800 86400
hol.gr. 7200 IN MX 5 mailin10mx.hol.gr.
hol.gr. 7200 IN MX 5 mailin11mx.hol.gr.
hol.gr. 7200 IN MX 5 mailin12mx.hol.gr.
hol.gr. 7200 IN MX 5 mailin13mx.hol.gr.
hol.gr. 7200 IN MX 5 mailin14mx.hol.gr.
hol.gr. 7200 IN MX 5 mailin15mx.hol.gr.
hol.gr. 7200 IN MX 5 mailin16mx.hol.gr.
hol.gr. 7200 IN NS ns0.hol.gr.
hol.gr. 7200 IN NS ns1.hol.gr.
hol.gr. 7200 IN NS ns2.hol.gr.
hol.gr. 600 IN A 195.97.21.22
_jabber._tcp.hol.gr. 7200 IN SRV 10 100 5269 jabber.hol.gr.
_sip._tcp.hol.gr. 7200 IN SRV 10 100 5060 sip.hol.gr.
_sip._udp.hol.gr. 7200 IN SRV 10 100 5060 sip.hol.gr.
_stun._udp.hol.gr. 7200 IN SRV 10 100 3478 stun.hol.gr.
_stun._udp.hol.gr. 7200 IN SRV 10 100 3479 stun.hol.gr.
_stun._udp.hol.gr. 7200 IN SRV 10 200 3478 stun2.hol.gr.
_stun._udp.hol.gr. 7200 IN SRV 10 200 3479 stun2.hol.gr.
acs.hol.gr. 7200 IN A 62.38.102.68
add.hol.gr. 7200 IN A 194.30.220.107
admintp.hol.gr. 7200 IN CNAME syscom.hol.gr.

;; Query time: 130 msec
;; SERVER: 194.30.220.119#53(194.30.220.119)
;; WHEN: Mon May 25 13:36:16 2009
;; XFR size: 1115 records (messages 1, bytes 28554)


# dig @ns2.hol.gr etanam.gr -t AXFR

; <> DiG 9.5.1-P2 <> @ns2.hol.gr etanam.gr -t AXFR
; (1 server found)
;; global options: printcmd
etanam.gr. 86400 IN SOA ns0.hol.gr. hostmaster.hol.gr. 2003071701 28800 7200 604800 86400
etanam.gr. 86400 IN NS ns0.hol.gr.
etanam.gr. 86400 IN NS ns1.hol.gr.
etanam.gr. 86400 IN NS ns2.hol.gr.
etanam.gr. 86400 IN MX 10 vmailin01mx.hol.gr.
etanam.gr. 86400 IN MX 10 vmailin02mx.hol.gr.
etanam.gr. 86400 IN MX 20 vmail.hol.gr.
http://www.etanam.gr. 86400 IN CNAME http://www.site4all.gr.
etanam.gr. 86400 IN SOA ns0.hol.gr. hostmaster.hol.gr. 2003071701 28800 7200 604800 86400
;; Query time: 6 msec
;; SERVER: 194.30.220.118#53(194.30.220.118)
;; WHEN: Mon May 25 14:31:02 2009
;; XFR size: 9 records (messages 1, bytes 277)
#


# dig @ns1.hol.gr intralot.com -t AXFR

; <> DiG 9.2.4 <> @ns1.hol.gr intralot.com -t AXFR
; (1 server found)
;; global options: printcmd
intralot.com. 3600 IN SOA intralot.com. admin.intralot.com. 2009052807 28800 7200 2419200 3600
intralot.com. 3600 IN MX 10 mail.intralot.com.
intralot.com. 3600 IN MX 30 mail2.intralot.com.
intralot.com. 3600 IN NS ns0.hol.gr.
intralot.com. 3600 IN NS ns1.hol.gr.
intralot.com. 3600 IN NS ns2.hol.gr.
intralot.com. 3600 IN NS dns1.intralot.com.
intralot.com. 3600 IN NS dns2.intralot.com.intralot.com.
intralot.com. 3600 IN A 193.164.227.170
195.97.26.100.intralot.com. 3600 IN PTR e-learning.intralot.com.
195.97.26.110.intralot.com. 3600 IN PTR smail.intralot.com.
dns1.intralot.com. 3600 IN A 195.97.19.1
e-learn.intralot.com. 300 IN A 195.97.26.100
elearning.intralot.com. 300 IN A 195.97.26.100
email.intralot.com. 3600 IN A 195.97.15.163
email2.intralot.com. 3600 IN A 195.97.15.164
ftp.intralot.com. 3600 IN A 194.30.236.228
igate.intralot.com. 3600 IN A 80.76.51.76
mail.intralot.com. 3600 IN A 195.97.26.103
mail2.intralot.com. 3600 IN A 195.97.26.112
mailer.intralot.com. 3600 IN A 194.30.236.225
mailer2.intralot.com. 3600 IN A 195.97.15.174
smail.intralot.com. 3600 IN A 195.97.26.110
sslvpn.intralot.com. 3600 IN A 195.97.26.105
webmail1.intralot.com. 3600 IN A 195.97.26.103
webmail2.intralot.com. 3600 IN A 194.30.236.227
http://www.intralot.com. 3600 IN A 193.164.227.170
intralot.com. 3600 IN SOA intralot.com. admin.intralot.com. 2009052807 28800 7200 2419200 3600
;; Query time: 130 msec
;; SERVER: 194.30.220.119#53(194.30.220.119)
;; WHEN: Wed Oct 28 03:55:23 2009
;; XFR size: 28 records

#



# dig @ns1.hol.gr 26.97.195.in-addr.arpa -t AXFR
; <> DiG 9.2.4 <> @ns1.hol.gr 26.97.195.in-addr.arpa -t AXFR
; (1 server found)
;; global options: printcmd
26.97.195.in-addr.arpa. 86400 IN SOA ns0.hol.gr. hostmaster.hol.gr. 2009091801 28800 7200 604800 86400
26.97.195.in-addr.arpa. 86400 IN NS ns0.hol.gr.
26.97.195.in-addr.arpa. 86400 IN NS ns1.hol.gr.
26.97.195.in-addr.arpa. 86400 IN NS ns2.hol.gr.
100.26.97.195.in-addr.arpa. 86400 IN PTR mail.wavelord.gr.
103.26.97.195.in-addr.arpa. 86400 IN PTR mail.intralot.com.
109.26.97.195.in-addr.arpa. 86400 IN PTR serial03-02.pir01.gwc.hol.gr.
110.26.97.195.in-addr.arpa. 86400 IN PTR smail.intralot.com.
112.26.97.195.in-addr.arpa. 86400 IN PTR mail2.intralot.com.
114.26.97.195.in-addr.arpa. 86400 IN PTR nts03.net-trust.gr.
13.26.97.195.in-addr.arpa. 86400 IN PTR serial01-06.pir01.gwc.hol.gr.
14.26.97.195.in-addr.arpa. 86400 IN PTR serial00-00.emo08.emotion.hol.gr.
141.26.97.195.in-addr.arpa. 86400 IN PTR serial03-01.pir01.gwc.hol.gr.
157.26.97.195.in-addr.arpa. 86400 IN PTR serial02-05.pir01.gwc.hol.gr.
18.26.97.195.in-addr.arpa. 86400 IN PTR mail.htd-greece.com.
29.26.97.195.in-addr.arpa. 86400 IN PTR serial01-07.pir01.gwc.hol.gr.
30.26.97.195.in-addr.arpa. 86400 IN PTR serial00-00.emo35m04.emotion.hol.gr.
45.26.97.195.in-addr.arpa. 86400 IN PTR serial02-01.pir01.gwc.hol.gr.
46.26.97.195.in-addr.arpa. 86400 IN PTR serial00-00.emo30.emotion.hol.gr.
61.26.97.195.in-addr.arpa. 86400 IN PTR serial02-02.pir01.gwc.hol.gr.
62.26.97.195.in-addr.arpa. 86400 IN PTR serial00-00.emo28.emotion.hol.gr.
66.26.97.195.in-addr.arpa. 86400 IN PTR mail.argogroupage.gr.
77.26.97.195.in-addr.arpa. 86400 IN PTR serial02-03.pir01.gwc.hol.gr.
78.26.97.195.in-addr.arpa. 86400 IN PTR serial00-00.emo25.emotion.hol.gr.
93.26.97.195.in-addr.arpa. 86400 IN PTR serial03-03.pir01.gwc.hol.gr.
94.26.97.195.in-addr.arpa. 86400 IN PTR mail.posseidon.gr.
26.97.195.in-addr.arpa. 86400 IN SOA ns0.hol.gr. hostmaster.hol.gr. 2009091801 28800 7200 604800 86400
;; Query time: 144 msec
;; SERVER: 194.30.220.119#53(194.30.220.119)
;; WHEN: Wed Oct 28 04:05:24 2009
;; XFR size: 27 records
#



# dig @ns1.hol.gr intracom.com -t AXFR

; <> DiG 9.2.4 <> @ns1.hol.gr intracom.com -t AXFR
; (1 server found)
;; global options: printcmd
intracom.com. 86400 IN SOA ns0.intranet.gr. nsadm.ns0.intranet.gr. 2009072201 10800 3600 604800 86400
intracom.com. 86400 IN NS ns0.hol.gr.
intracom.com. 86400 IN NS ns0.intranet.gr.
intracom.com. 86400 IN NS ns1.intranet.gr.
intracom.com. 86400 IN MX 10 extmail.intranet.gr.
group.intracom.com. 86400 IN A 146.124.23.158
yu.intracom.com. 86400 IN CNAME http://www.intracom.rs.
intracom.com. 86400 IN SOA ns0.intranet.gr. nsadm.ns0.intranet.gr. 2009072201 10800 3600 604800 86400
;; Query time: 126 msec
;; SERVER: 194.30.220.119#53(194.30.220.119)
;; WHEN: Wed Oct 28 03:59:26 2009
;; XFR size: 9 records

# dig @ns1.hol.gr intranet.gr -t AXFR

; <> DiG 9.2.4 <> @ns1.hol.gr intranet.gr -t AXFR
; (1 server found)
;; global options: printcmd
intranet.gr. 86400 IN SOA ns1.intranet.GR. hostmaster.ns1.intranet.GR. 2009111101 10800 3600 604800 86400
intranet.gr. 86400 IN MX 10 extmail.intranet.GR.
intranet.gr. 86400 IN NS ns0.hol.gr.
intranet.gr. 86400 IN NS ns0.intranet.gr.
intranet.gr. 86400 IN NS ns1.intranet.GR.
active.intranet.gr. 86400 IN A 146.124.106.54
acts.intranet.gr. 86400 IN A 146.124.106.10
adamas.intranet.gr. 86400 IN A 146.124.106.62
aiva2002.intranet.gr. 86400 IN A 146.124.106.85
aldebaran.intranet.gr. 86400 IN A 146.124.54.94
archeoguide.intranet.gr. 86400 IN A 146.124.106.59
aris-ist.intranet.gr. 86400 IN A 146.124.106.73
barracuda.intranet.gr. 900 IN MX 10 barracuda1.intranet.GR.
barracuda.intranet.gr. 900 IN MX 10 barracuda2.intranet.GR.
barracuda1.intranet.gr. 900 IN A 146.124.110.34
barracuda2.intranet.gr. 900 IN A 146.124.110.35
cipv6.intranet.gr. 86400 IN A 146.124.106.71
contessa.intranet.gr. 86400 IN A 146.124.106.72
cosiba.intranet.gr. 86400 IN A 146.124.106.70
easy.intranet.gr. 86400 IN A 146.124.106.74
emc.intranet.gr. 86400 IN A 146.124.23.155
esharing.intranet.gr. 86400 IN A 146.124.106.87
esharing-demo.intranet.gr. 86400 IN A 146.124.108.42
evolute.intranet.gr. 86400 IN A 146.124.106.77
extmail.intranet.gr. 86400 IN A 192.92.155.11
fireworks.intranet.gr. 86400 IN A 146.124.106.93
ftp.intranet.gr. 86400 IN A 146.124.23.105
gemini.intranet.gr. 86400 IN A 146.124.106.79
group.intranet.gr. 86400 IN CNAME group.intracom.com.
hearts.intranet.gr. 86400 IN CNAME itsc2004.intranet.GR.
helios.intranet.gr. 86400 IN A 146.124.14.200
hynodepc.intranet.gr. 86400 IN A 146.124.105.60
hyserv.intranet.gr. 86400 IN A 146.124.105.66
icm-110-130.intranet.gr. 86400 IN A 146.124.110.130
imedia.intranet.gr. 86400 IN A 146.124.106.65
imedia1.intranet.gr. 86400 IN A 146.124.105.21
imet.intranet.gr. 86400 IN MX 10 extmail.intranet.GR.
giona.imet.intranet.gr. 86400 IN MX 10 giona.imet.intranet.GR.
giona.imet.intranet.gr. 86400 IN A 146.124.88.62
pcgar.imet.intranet.gr. 86400 IN A 146.124.88.18
storm.imet.intranet.gr. 86400 IN A 146.124.88.10
imis.intranet.gr. 86400 IN A 146.124.106.100
imis-img.intranet.gr. 86400 IN A 146.124.108.32
in141-56.intranet.gr. 86400 IN A 146.124.141.56
in141-57.intranet.gr. 86400 IN A 146.124.141.57
in141-58.intranet.gr. 86400 IN A 146.124.141.58
in141-59.intranet.gr. 86400 IN A 146.124.141.59
infosea.intranet.gr. 86400 IN A 146.124.106.56
interco-soc.intranet.gr. 86400 IN A 146.124.106.89
intlifesrv.intranet.gr. 86400 IN A 146.124.106.153
intra1.intranet.gr. 86400 IN A 146.124.106.50
intra2.intranet.gr. 86400 IN A 146.124.102.51
intraconst.intranet.gr. 86400 IN A 146.124.23.153
intragenome.intranet.gr. 86400 IN A 146.124.23.150
ios.intranet.gr. 86400 IN A 146.124.102.60
ios1.intranet.gr. 86400 IN A 146.124.102.61
ios2.intranet.gr. 86400 IN A 146.124.102.62
ios3.intranet.gr. 86400 IN A 146.124.102.63
ios4.intranet.gr. 86400 IN A 146.124.102.64
iospc1.intranet.gr. 86400 IN A 146.124.104.51
iospc2.intranet.gr. 86400 IN A 146.124.104.52
iospc3.intranet.gr. 86400 IN A 146.124.104.53
iospc4.intranet.gr. 86400 IN A 146.124.104.54
iospc5.intranet.gr. 86400 IN A 146.124.104.55
iospc6.intranet.gr. 86400 IN A 146.124.104.56
iospc7.intranet.gr. 86400 IN A 146.124.104.57
iostest.intranet.gr. 86400 IN A 146.124.103.17
iostest2.intranet.gr. 86400 IN A 146.124.103.18
iostest3.intranet.gr. 86400 IN A 146.124.103.19
itsc2004.intranet.gr. 86400 IN A 146.124.106.90
jetspeed.intranet.gr. 86400 IN A 146.124.23.152
koykoy.intranet.gr. 86400 IN NS vikos.intranet.gr.
leon.intranet.gr. 86400 IN CNAME ns1.intranet.GR.
localhost.intranet.gr. 86400 IN A 127.0.0.1
loveus.intranet.gr. 86400 IN A 146.124.106.76
mailhost.intranet.gr. 86400 IN CNAME mailserv.intranet.GR.
mailhub.intranet.gr. 86400 IN CNAME mailserv.intranet.GR.
mailserv.intranet.gr. 86400 IN A 146.124.14.106
marketmaker.intranet.gr. 86400 IN A 146.124.106.83
mededi.intranet.gr. 86400 IN A 146.124.106.57
mededi-r.intranet.gr. 86400 IN A 146.124.106.60
melisa.intranet.gr. 86400 IN A 146.124.106.84
mexpress.intranet.gr. 86400 IN A 146.124.106.75
mexpress-demo.intranet.gr. 86400 IN A 146.124.108.35
micro2DNA.intranet.gr. 86400 IN A 146.124.106.92
mtn.intranet.gr. 86400 IN A 146.124.106.58
multiplatform2004.intranet.gr. 86400 IN A 146.124.106.91
mummy.intranet.gr. 86400 IN A 146.124.106.86
mummywasp.intranet.gr. 86400 IN A 146.124.108.46
musical.intranet.gr. 86400 IN A 146.124.106.88
musicsrv.intranet.gr. 86400 IN A 146.124.106.151
netmod.intranet.gr. 86400 IN A 146.124.23.151
netphone.intranet.gr. 86400 IN CNAME http://www.intranet.GR.
newsext.intranet.gr. 86400 IN CNAME ftp.intranet.GR.
nomos.intranet.gr. 86400 IN MX 10 extmail.intranet.GR.
iserv.nomos.intranet.gr. 86400 IN A 146.124.87.38
ns0.intranet.gr. 86400 IN A 192.92.155.10
ns1.intranet.gr. 86400 IN A 146.124.141.250
osforum.intranet.gr. 86400 IN A 146.124.109.2
papylon.intranet.gr. 86400 IN A 146.124.14.106
perla.intranet.gr. 86400 IN A 146.124.106.82
phaethon.intranet.gr. 86400 IN A 146.124.110.36
piste.intranet.gr. 86400 IN A 146.124.106.64
profits-support.intranet.gr. 86400 IN A 146.124.109.4
saxo.intranet.gr. 86400 IN A 146.124.106.128
smisdemo.intranet.gr. 86400 IN A 146.124.106.152
smoothit.intranet.gr. 86400 IN A 146.124.100.68
stingray.intranet.gr. 86400 IN A 146.124.106.78
thes.intranet.gr. 86400 IN MX 10 snake.intrasoftnet.com.
up-tv.intranet.gr. 86400 IN A 146.124.106.81
victoria.intranet.gr. 86400 IN A 146.124.106.150
vikos.intranet.gr. 86400 IN A 146.124.50.110
w3dpdext1.intranet.gr. 86400 IN A 146.124.106.80
w3ixg.intranet.gr. 86400 IN A 146.124.160.101
wolf.intranet.gr. 86400 IN A 146.124.141.60
wooddes.intranet.gr. 86400 IN A 146.124.106.61
http://www.intranet.gr. 86400 IN A 146.124.23.149
x400-gate.intranet.gr. 86400 IN CNAME mailserv.intranet.GR.
yu.intranet.gr. 86400 IN CNAME yu.intracom.com.
intranet.gr. 86400 IN SOA ns1.intranet.GR. hostmaster.ns1.intranet.GR. 2009111101 10800 3600 604800 86400
;; Query time: 123 msec
;; SERVER: 194.30.220.119#53(194.30.220.119)
;; WHEN: Wed Oct 28 03:59:47 2009
;; XFR size: 121 records
#




Discussion

Comments are closed.

%d bloggers like this: