Title :
Search Engine Based Investigation on Misconfiguration of Zone Transfer
Author :
Yin Minn Pa Pa ; Yoshioka, Kazuaki ; Matsumoto, Tad
Author_Institution :
Grad. Sch. of Environ. & Inf. Sci., Yokohama Nat. Univ., Yokohama, Japan
Abstract :
This study proposes how to investigate the existence of misconfigurations of zone transfer in any level of domain name system hierarchy using search engine based approach without the need to look at the zone file. The analysis has been conducted on 1,284 authoritative name servers of 314 top-level domains and 46,416 authoritative name servers of second level domain of 249 country code top-level domains. In case of top-level domains investigation, 84 name servers authoritative to answer for 53 top-level domains are misconfigured and allow zone transfer to us. In case of second level domains investigation, 5,394 authoritative name servers authoritative to answer for 6,234 second-level domains allow zone transfer. In particular, we found a serious misconfiguration case where the misconfigured DNS server was authoritative for not only its TLD but also SLD and lower level, exposing 83 % the DNS related information of the country to the public.
Keywords :
Internet; authorisation; file servers; search engines; authoritative name servers; country code top-level domains; domain name system hierarchy; misconfigured DNS server; search engine based approach; zone transfer misconfiguration; Google; IP networks; Internet; Search engines; Semiconductor optical amplifiers; Servers; Superluminescent diodes; misconfiguration of zone transfer;
Conference_Titel :
Information Security (Asia JCIS), 2013 Eighth Asia Joint Conference on
Conference_Location :
Seoul
DOI :
10.1109/ASIAJCIS.2013.16
