Awesome DNS Tool – Deep Magic

This past week Rob Fuller (@Mubix) turned on public search for his awesome Deep Magic DNS project.

This is a great project where he is collecting DNS records for as much as the Internet as he can manage with some really creative methods. Currently he has turned on PTR record searching.  So let’s say you are doing a pen test or joining a new organization. You need to gather what information is available for the domain you are being employees to help. Just put the domain in quotes up in the search field and you will get back the resulting records. The search results are limited to 1,000 records by default but can be increased to up to 10,000.  Small personal domains may not show up. It is giving great results for larger more established domains for organizations.

Just dump as many of the records you can. Drop it in a text file and grep with fun words like ldap, dc, mail, ftp etc can speed up your learning curve.


To restrict an Active Directory Group to a single VPN Tunnel Group


Let’s say you have Cisco ACS up and running. It is already successfully talking to your Active Directory installation. You also already have an existing VPN Client remote configuration where the group policy name is “GP_VPN_ITNET” and the tunnel group name is “TG_VPN_ITNET”

Now you have an active directory group called “RG_VPN_ITNET” and want to ensure that the only vpn remote access profile that group can use is the existing remote configuration.

Continue reading “To restrict an Active Directory Group to a single VPN Tunnel Group”