Txdns

764 views

Published on

Presentation, Algorithms for extraction and visualization of
metadata from Domain Name Server records -- Algorithms for extraction and visualization of
metadata from Domain Name Server records

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
764
On SlideShare
0
From Embeds
0
Number of Embeds
15
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Txdns

  1. 1. Universidade Lusófona de Humanidades e Tecnologias Instituto de Telecomunicações Universidade da Beira Interior Algorithms for extraction and visualization of meta-data from Domain Name Server records Arley Leal Silveira Nuno M. Garcia arleybls@gmail.com, ngarcia@professores.ulusofona.pt == MESH 2010, 20th July 2010, Mestre / Venice, Italy ==
  2. 2. Algorithms for extraction and visualization of meta-data from Domain Name Server records Agenda Introduction / Motivation Algorithms Results Conclusions ngarcia@professores.ulusofona.pt 2
  3. 3. Algorithms for extraction and visualization of meta-data from Domain Name Server records Introduction Domain Name System is a distributed hierarchical network service / infra-structure that contains the relations between the names and the IP addresses of machines who deliver services over an IP network. Typically a large organization deploys its own DNS server(s). To manage the information in these servers can be ... troublesome. ngarcia@professores.ulusofona.pt 3
  4. 4. Algorithms for extraction and visualization of meta-data from Domain Name Server records Introduction / Motivation “ If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” Sun Tzu, the Art of War ngarcia@professores.ulusofona.pt 4
  5. 5. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms There are a number of tools which already do this (DioNiSio, dnsmap, dnsenum, ...) We combined all the goodies from other tools, and added typing errors (several flavours) and transposition. ngarcia@professores.ulusofona.pt 5
  6. 6. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms We can query the DNS database, to look for responses for URL names. We can use a number of strategies TLD rotation brute force dictionary attack typing errors ngarcia@professores.ulusofona.pt 6
  7. 7. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms TDL rotation brute force dictionary attack typing errors Can be used conjointly, and deploying threads. ngarcia@professores.ulusofona.pt 7
  8. 8. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms TLD rotation uses the TLD definition from IANA looks for domains which are similar to the one we want, except on the TLD domain suffix, incluing second level TLD domains. ngarcia@professores.ulusofona.pt 8
  9. 9. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms TLD rotation ngarcia@professores.ulusofona.pt 9
  10. 10. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms Brute force generates random words from a set of characters and numbers, up to a defined length looks for sub-domains of the domain we want. ngarcia@professores.ulusofona.pt 10
  11. 11. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms Brute force ngarcia@professores.ulusofona.pt 11
  12. 12. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms Dictionary attack uses words from a list (dictionary) looks for sub-domains of the domain we want. ngarcia@professores.ulusofona.pt 12
  13. 13. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms Dictionary attack ngarcia@professores.ulusofona.pt 13
  14. 14. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms Typing errors uses three different approaches transposition (using the key close the one you wanted to type) double typing (doublee typingg) omission (omssion) looks for domains that are similar to the domain we want. ngarcia@professores.ulusofona.pt 14
  15. 15. Algorithms for extraction and visualization of meta-data from Domain Name Server records Algorithms Typing errors ngarcia@professores.ulusofona.pt 15
  16. 16. Algorithms for extraction and visualization of meta-data from Domain Name Server records Integration with a visualization tool txdns is usable with Maltego from Paterva to achieve this, the standard output of the tool was redirected to an XML stream formatted according to the rules of Maltego; you also need to create a resource, and add a DNS context to the Maltego workspace; Maltego allows for a intuitive visualization of the data, and to query again a previously obtained result. ngarcia@professores.ulusofona.pt 16
  17. 17. Algorithms for extraction and visualization of meta-data from Domain Name Server records ngarcia@professores.ulusofona.pt 17
  18. 18. Algorithms for extraction and visualization of meta-data from Domain Name Server records ngarcia@professores.ulusofona.pt 18
  19. 19. Algorithms for extraction and visualization of meta-data from Domain Name Server records Conclusions txdns implements several strategies and algorithms to query the DNS infrastructure; it is deployable using threads, and it was build in C, so it is portable; may be integrated with visualization tools such as Paterva’s Maltego; both the executable file and the source code are avaliable online ate http://netlab.ulusofona.pt/id Thank you. Questions? ngarcia@professores.ulusofona.pt 19
  20. 20. Algorithms for extraction and visualization of meta-data from Domain Name Server records CONCLUSIONS txdns implements several Thank you! strategies and algorithms to query the DNS Questions? infrastructure; it is deployable using Algorithms for extraction and threads, and it was build in C, so it is portable; visualization of meta-data from may be integrated with Domain Name Server records visualization tools such as Paterva’s Maltego; Arley Leal Silveira both the executable file and Nuno M. Garcia the source code are avaliable online ate http:// arleybls@gmail.com, ngarcia@professores.ulusofona.pt netlab.ulusofona.pt/id MESH 2010, 20th July 2010, Mestre / Venice, Italy ngarcia@professores.ulusofona.pt 20

×