I currently find myself in an intriguing position, it is weird because this is one of the happiest/saddest posts I have ever made in my entire life in any of the blogs I wrote in. Let me explain to you why:

Reading over the past few blog entries, you will notice that I announced I had been offered a position as a Research demonstrator and a PhD at University of Bedfordshire, this was amazing, I know that it was an amazing offer and it also if you read my previous post I had never received an offer from a company that would tempt me into the enterprise world.

Well for the last couple of weeks, a set of personal life situations has put me in a position where I felt like re-thinking my work situation, these situations combined with an amazing possibility that presented it self in form of a job, I decided that it was indeed time for me to get an actual job, I have been to the interview and will be joining the application security team at Realex payments. What does this mean to me?

  • This blog will be shut down, “why?” you might ask, because as part of my job requirements (and much to my pleasure and honor) I will be blogging at the securityninja website.
  • I will be working with people that are well respected in the Infosec industry and have spoken in big conferences.
  • I will be moving out of Luton, the job is based in Dublin, Ireland.
  • I will at some point after I adapt to the new job, join a PhD at one of the Universities from Dublin.

To finalize this post, I would just like to say thanks to:

  • My mother for the infinite support she has given me, may that be monetarily, and/or mental. I will never be able to repay all U’ve done for me.
  • Elina I also thank you for all your support. you rock and I believe the Dublin times are gonna rock! *fingers crossed to you getting into Uni there*
  • Prof. Carsten Maple, you have been and always were an amazing supervisor and a good friend of whom I will keep good memories and have a LOT to thank for, I don’t think I can ever thank you enough.
  • Mr Geraint Williams, I really enjoyed learning about forensics from you, and how to deal  with the legal part of a pentest project, I hope that we  can work in some sort of project together in the future.
  • Nabeel, you helped me out a LOT and I am really looking forward to your visit my friend. You are like a brother to me and I really thank you for everything you’ve done.

I am happy, because I know I will be joining an amazing team (I have to thank David Rook for the amazing support he has been giving me in the past month with all the changes and process I can see that you will be an amazing person to work with and learn from), and I will learn a lot and do a lot of interesting work, I am sad because once again I will have to leave friends and people that became very close to me in the past 2 years behind.  I will miss you all Luton lot but this is the path I have decided to follow…

Thank you and farewell



Not even gonna bother with giving the same excuse again, I have indeed been slacking on my blogging, mostly due to the events am about to describe.


The best way to describe Codebits is “a major slap across my face” I have been to quite a few events in Portugal related to IT, and organised by Portuguese people and I must say they always felt like second class events, that could not match up with internacional events such as InfoSec, DefCon, BH, etc etc etc ( all major conferences). Codebits changed all that, it was an AMAZING 3 day event, with an amazing organisation. Again, it wasn’t perfect but it was definitely a first class event. I met some really interesting people and got to spend time with some old buddies : @morisson @vd @nunoloureiro @tmendo @klinzter @oligenhex ! It was amazing seeing all these guys and associating some twitter handles with some faces. During Codebits there was a security competition, where me, @morisson, @oligenhex and @klinzter qualified as a team. Our team leader was @morisson and we had the best team leader anyone could ever ask for. He was calm and did an amazing work on exploitation of web apps. Truth said, we did the best we could, we had lots of fun and there is always next year. (Note to self: Learn more on web application security defense/exploitation). And pre-test some kernel exploits (Any of you know why @taviso exploit didnt work yet?).

A second topic I want to discuss about Codebits are the presentations! I presented at Codebits, as usual a talk about Computer Forensics, this time a modified version, that tried to explain without any F U D, in general I believe my presentation went well and the comments on twitter reflect that. I know that some of my slides had some extra bits of information that could have been more synthesised but hey, it will get there. I have now done this presentation 3 times this year and ran the workshop 2 times. It is enough. I now need to start looking at a new topic to start writing for 2011, because truth said I do enjoy this whole presenting at conferences thing. If needed I will run my Computer Forensics presentation/workshop if some organisation asks me to but other then that I believe I am now done with it. I had an amazing year conference wise and things went really well for me. About the other talks at Codebits: Well some of them were pretty good, others were absolutely a WASTE of time. I really enjoyed Lenz Grimmer Quadrocopter talk and @celso Spacebits talk was AMAZING as well and everyone that loves electronics should check out their page (spacebits.eu) because it really is a good project. Another talk that I realllllly enjoyed was Brian Suda’s talk about Collecting and Visualising Data, as usual @morisson kicked some ass giving a really good talk on Web App Pentest and same for @NunoLoureiro and @Tmendo, who gave a talk on Advanced SQL Injections.

Things that in my opinion should be improved next Codebits?

  1. Lighting ( I get all the green lighting to make it the “Codebits mood” but we could really use some areas with PROPER lights
  2. More chairs/tables

Thats it. Im usually quite picky about stuff but those 2 points are really the only 2 things I have to comment about.


Conclusion: Team Sapo made an amazing work at that event, and I am really hyped about Codebits 2011!

Moving along to next topic.

MSc, PhD,Teaching aka Academia

*Sigh* This is a topic that at the moment is very hard for me to write about, very hard for several reasons, one of them being that most of my mates LEFT to go and work for companies out of Luton. Vlad moved to Egham and is working for @fsecureukteam and Igor is also working for a big company down in London. I am very happy and proud of these guys but miss them dearly. Our long geek chats and drinking were amazing, and we had a really good year here in Luton. I am still waiting to defend my thesis, hopefully will manage to get that soon, while waiting I have started my PhD reading papers to get a proposal written, Im currently under the supervision of Prof. Carsten Maple and Dr. Vladimir Dyo . My research will be on the topic of Wireless Sensor Networks which is an area relatively new to me, this makes me happy rather then nervous as I will learn lots and hopefully write good papers on it. Hey who knows, maybe ill even mix Security with WSN and my around the world presentation for next year will focus on that! Meanwhile am also teaching! This has been both fun and boring, fun because I have met some interesting characters that really make it fun to teach them, boring because some of the topics am teaching are of 0 interest to me (!!!Microsoft Access!!!) and I really don’t like them!

Many people have been asking me if going into academic was the right choice instead of going to work for a company. Well truth is, I don’t know. I can see how in the long run getting a PhD is a good thing, but getting early experience is also an amazing thing, and I guess I never really got an offer from a company that did something that would really interest me.


Oh I forgot this:

[blip.tv ?posts_id=4140733&dest=-1]


This is it for now.

Hopefully will be able to post soon! I live with a E. now, so when am not cleaning or cooking or working I get to sleep! 😀 she is still awesome tho!

This summer is passing pretty fast, and I’ve learned LOTS of different stuff some more interesting then others but all good in the end.

I’ve had a bit of absence from the blog not because I have nothing to post but because I lack the time to do it. I’ve moved places and am now living with E. We also added a new element to the family (no am not a dad, yet!), we bought a Dog. She’s named Penny, born 15th of May and of Border-Collie breed. Following is a photo of Penny giving you all a big smile:

Next up, I received an award from University of Bedfordshire and train2game company, we had a lovely ceremony and it felt really good to go up on that stand and receive my award (3000£):

For those of you wondering, yes I’ve spent those 3000£ already, I got myself 2 certifications: CEH and CHFI.

Following all this my friend Fabio came and visit me up here in Luton since he is trying to get into the University. Looking at 2 weeks of boredom I ordered an Arduino and what were supposed to be 2 weeks of boredom became 2 weeks of fun hardware and software hacking. I’ve never had electronics in my life so I bought myself an Arduino starter kit from cool-components.co.uk (Amazing company, order took 24 hours to get dispatched), I then went to Maplin and bought a soldering iron and some other bits and bobs that made a good starter kit for electronics. After putting all different components in different containers and learning about them we decided to start doing some stuff. So what did we come up with? This:

Arduino gmail hardware notification

This hack, combines python script with the arduino 3 leds show the level of email a inbox contains (green being from 0 – 4, yellow 5-7 and red 8-10> ), we also added 2 speakers to it one of them louder then the other and when we are at level yellow one of them starts ringing and at extreme/critical level both bells ring and they are L O U D!

Photos and Schematics:

Now to use this you will need 2 scripts:


1st- Python script that will get your gmail inbox size and send it through the serial port to the arduino:

import serial, sys, feedparser, time
#put your account information here
SERIALPORT = “/dev/tty.usbserial-A700e0U243” # This must match your serial port if you are on linux mac a ls /dev |grep tty.usb should show your usb
# Set up serial port
ser = serial.Serial(SERIALPORT, 9600)
ser.setDTR(False) # Drop DTR
except serial.SerialException:
newmails = int(feedparser.parse(PROTO + USERNAME + “:” + PASSWORD + “@” + SERVER + PATH)[“feed”][“fullcount”])
# Output data to serial port
print ‘New mails ‘, newmails
if (newmails > 0 ) & (newmails < 5):
time.sleep(1.0) #Wait for DTR reset
print ‘SENT G’
elif (newmails >= 5 ) & (newmails < 10):
print ‘SENT Y’
elif newmails >= 10:
print ‘SENT X’
print ‘SENT C’
# Close serial port


2nd the Arduino sketch:

int greenPin = 12; // Output connected to digital pin 12

int redPin = 11;

int yellowPin = 10;

int greenmail = LOW; // Is there new mail?

int redmail = LOW;

int yellowmail = LOW;

int highbellPin = 9;

int highbellmail = LOW;

int lowbellPin = 8;

int lowbellmail = LOW;

int val; // Value read from the serial port

void setup()


pinMode(greenPin, OUTPUT);

pinMode(yellowPin, OUTPUT);

pinMode(redPin, OUTPUT);

pinMode(highbellPin, OUTPUT);





void loop()


// Read from serial port

if (Serial.available())


val = Serial.read();


if (val == ‘G’){

greenmail = HIGH;



if (val == ‘C’){

greenmail = LOW;

redmail = LOW;

yellowmail = LOW;

highbellmail = LOW;

lowbellmail = LOW;



if (val == ‘X’) {

redmail = HIGH;

yellowmail = HIGH;

greenmail = HIGH;

highbellmail = HIGH;

lowbellmail = HIGH;



if (val == ‘Y’) {

yellowmail = HIGH;

greenmail = HIGH;

lowbellmail = HIGH;



// Set the status of the output pin

digitalWrite(greenPin, greenmail);

digitalWrite(highbellPin, highbellmail);

digitalWrite(redPin, redmail);

digitalWrite(yellowPin, yellowmail);




So after finishing this project we decided it was LCD time, so I got this really cheap screen from Maplin and we started messing around with it. I found this website to be extremely useful in this part, though anyone that wants to do this project should be able to follow our schematics pretty easily.

Project 2:

So the second project is similar in certains parts to the first one, but essentially what happens is: python script reads gmail rss feed gets number of emails and author of email and writes this information to the LCD screen. The Schematics:

And the Code:


1st Python script

import serial, sys, feedparser, time, textwrap

#Account details






SERIALPORT = “/dev/tty.usbserial-A700e0U251” # Change to your serial port!

# Set up serial port


ser = serial.Serial(SERIALPORT, 9600)

ser.setDTR(True) # Drop DTR


except serial.SerialException:



newmails = int(feedparser.parse(PROTO + USERNAME + “:” + PASSWORD + “@” + SERVER + PATH)[“feed”][“fullcount”])

if (newmails > 0 ):

for i in range(0, newmails):

author = str(feedparser.parse(PROTO + USERNAME + “:” + PASSWORD + “@” + SERVER + PATH).entries[i].author)

print “Authors: ” + author


# Output data to serial port

print ‘New mails ‘, newmails

authserial = textwrap.wrap(author,6)

ser.write(str(newmails) + “”)



print “SENT:” + str(newmails) + authserial[0]




print ‘BOXEMPTY’

time.sleep(1.0)# Drop DTR

# Close serial port



2nd – Arduino sketch

#include <LiquidCrystal.h>

LiquidCrystal lcd(7,8,9,10,11,12); // this is obiusly my connection since i use a ethernet shield i can’t use 10..13

// LiquidCrystal lcd(12, 11, 5, 4, 3, 2); normal connections

int warningPin = 13;

int warningMail = LOW;

void setup(){

lcd.begin(16, 2);



pinMode(warningPin, OUTPUT);


void loop(){

if (Serial.available())



lcd.setCursor(0, 0);



while (Serial.available() > 0) {

// display each character to the LCD



warningMail = HIGH;




Well both these projects were fun to work on and Im still learning a lot, got a few books to read and thats pretty much what I do in my spare time since I’ve been using most of my time to write my MSc thesis which is ,thankfully, nearly done!!! (I dont even know why I say thankfully after am done with this one, I start my Doctorate straight way but its a whole different topic and I’ve got something reallllllllllly interesting planned!). I would also like to thank Prof. Carsten Maple for all the support he has given me on an academic and friend level he is a great supervisor and am happy to be under his wing.
PS:Oh by the way did I mention ill be talking at Ibwas’10? http://www.owasp.org/index.php/IBWAS10  (SPEAKERS tab)
PPS: Ill also be attending hack.lu simply, because I want to meet the 303 crew.
Thank you all for reading

Hello everybody, lots to talk about this time.

For those of you that don’t know what LIGATT you can go up to http://matthewhughes.co.uk/2010/06/a-brief-guide-to-the-ligatt-saga/ and read what it is all about and what has been happening. Am not gonna hit the same spot because Matt and a few others already covered it pretty well. Now what I would comment on is:

– Its probably a better idea if we just drop the whole LIGATT issue! Why? Because LIGATT and Gregory D are trolls and we all know that we should not feed the trolls. Continually talking about them will only keep them longer on the infosec community and piss more people off. While I say this I also feel that people that have been affected by the plagiarism will probably feel the need for some answers, instead of tweeting about it and commenting about it on blogs, they should start to proceed with the legal matters and hire lawyers and take this to the courts of law.

-If anyone knows people at fox news, please contact them! They need to know what a fraud Gregory D Evans.

Now as a little message to Gregory D Evans:

Please, for the sake of the InfoSec Community, close your company and leave.Do a business change maybe into the whole music business (hip-hop?) or just choose another area but leave InfoSec. You and your company are like cancer and need to leave this community/business because ur only contributing to the death of Infosec, pentests and the whole security business.  If you want to stay, start being humble, learn that you are not number #1 or 2 or 1000 even. All you are is a script kiddie like many more out that that runs tools that other people that are actually good at their job write and waste their time doing development on. And of course you don’t even bother giving those people the right credits and just plagiarise their work.

If you are lazy just follow the people am about to write and that I consider to be my TOP 10 Infosec peeps:

Many people might not agree with my list but again im gonna set it by order of how these people’s research affects my own life and research.

1 – Dino Dai Zovi – All is work on OS X stuff like the MACH presentations and advanced exploits really helped me a lot while digging some stuff for my MSc thesis so I will definitely put him first.

2 – H D Moore – Metasploit Do i need to say anything else?

3 – David R3l1k – All his work on SET is simply amazing and he is a really good guy who tries to help everyone and get all cool features into SET as fast as he can.

4 – Chris Nickerson and the EL Crew – well… Exotic Liability anyone?

5 – Offensive-security crew – not even gonna bother describing why.

6 – Corelancoder –  He made some awesome kick ass Vulnerability discover tutorials and exploit writing that everyone should read.

7 – Joanna Rutkowska – blue pill was already pretty cool research and then she comes out with Qubes-os which is a pretty neat idea!

8 – Karsten Nohl – Meet him during this weekend, his research on GSM security was absolutely brilliant and he is a really nice guy to chat with

9 – Carlos Perez – he does AWESOME post exploitation stuff,and really knows his shit, he dropped some good hints and EL and I really enjoy his work

10 – Chris John Riley – relatively “new” guy in the security field, yet he is already quite a fella, he is doing some cool work with User Agents so have a look at his website.

So yeah… this is my top 10 list for the security lads, I know some people might not agree with it, but as I mentioned before this list is based on research that I find helpful for the stuff I do or that I am interested in.


About 1 month ago, my friend Ralf Braga came down to Luton to visit, he had already invited me to attend just4meeting and I had already booked my flights and everything, while having dinner Ralf received an email reporting that one of the speakers had to cancel his workshop. Ralf then  proceeded to invite me to give a talk as just4meeting, I said yes straight way, and am I glad I did. Today I gave what i can officially say the best and most enjoyable workshop I have ever done. The crowd I was dropping info to was awesome, they really did seem to enjoy themselves and also made it possible for me to enjoy giving the talk. The talk was focused on Computer Forensics and it had two parts, a lecture and a workshop to follow.

I think in general everyone enjoyed doing the exercises even if some people did run into some issues at the beginning when at some point my VM files got corrupted but by mid of the session everyone was enjoying themselves trying to solve all the different forensic exercises I prepared for them.

Id like to thank:

– Mr Geraint Williams – For giving me access to all his materials and helping me with some ideas for the workshop

– Ralf – For allowing me to do this and giving me an opportunity

– Alex Nunes – dude u know I always have shitloadsa fun hanging out with you, and cant wait for my talk in Brazil 😀 soo ready to go drop some lines there to our Brazilian fellas.

– Bruno Morisson, Victor Domingos – It was really cool to hangout with you guys for a while, you guys seem really nice and I hope to see you at IBWAS 2010!

– Artur Martins – Thanks for everything you’re a good friend and helped me a lot with the whole driving issue 🙂

– Christian Bockermann – Dude can’t wait for us to start working on our paper and get it down to the IBWAS 2010 crew, we will deffo get accepted straight way coz we rock like that.

I also got invited by Carlos Serrao to give a talk at some other conference that will happen in Portugal more towards the end of the year and this made me really happy coz I love giving talks here in Portugal.Alex also invited me to give a talk in Brazil, so lots of work ahed. I am also really pleased I got to meet, Matthias Luft, Mayhem (<-Crazy and AWESOME dude), Daniel Mende (really cool research, you know how I feel about your presentation, absolutely loved it),Taras  Ivashchenko ,and last but not least Karsten Nohl(check top 10 list…).

That is all for now.


Blogging ?!


Blogging, something that I havent done in quite a long time (strangely all my posts start like this, with me complaining that I havent posted in a while…). I have deffo done a lot of twittering and facebooking lately.

Not much has changed in the last couple of months, I have been doing some work with CST Security Group, did a presentation on Attack Vectors (download) and some training on Network Packet analysis with them, see if I can get them to learn some assembly before the end of academic year. University organized a visit to 7safe where we received some basic training on port scanning and forensic disk imaging. It was also my birthday and surprisingly enough the best I have ever had. Me and a group of friends went down to Mango Lounge and had some good drinks for cheap prices in London after Infosec (which by the way was just AVERAGE). I am pretty much done with my forensic tool just fixing bits and bobs. Now I just need to get the final report done which shouldnt take long either. For those of you that don’t know yet, I will be staying at University of Bedfordshire for my PhD, I feel a lot of potential around here even though this is a relatively new university and there are lots of people here I want to work with, and since I have been given the opportunity to stay thats what Ill do, 4 more years here. I have also been running group support sessions for:

Distributed and Parallel Computing

Networked Systems

Computer Forensics

and Cryptography

This has been quite good fun, and some of the students ask some really funny questions. Hopefully when I start my PhD I will also be able to do some lecturing, that will be good fun.

On a different topic I will be giving a presentation/talk at UALG next week, which will essentially be on Computer Security and Forensics, this University has lots of connections with other Universities and I believe a connection with UALG will benefit Portuguese students a lot, as there are no Computer Forensic degrees in Portugal.  Ill try to post my presentation next week 🙂 If I remember this place exists.

Last topic Id like to write about: I have been invited to work on a side

Till then.. Goodbye


I decided to look for more .pt domains that still have their DNS servers vulnerable to remote transfers. I wanted to this in a way where I could test it for other countries as well. Best way to do it ? Use GOOGLE.

So google search “inurl: .pt” will return most .pt domains, then i needed to get only the urls. I looked at the Google API but this would only allow me to get access to around 30 +/- result queries. Very limited. Thats when I ran into xgoogle. This worked perfectly and my script does something really simple. It gets all the urls from a google search, removes the domain only and passes it to dnsenum, which then tests for remote transfers. This script is still in its early stages and I intend to upgrade it a little bit more so it only saves dns servers vulnerable do Remote transfers (atm its saving all the results). Feel free to try it out

To run just do: ./googlesearch.py  |tee results.txt

So imagine you want to search for french domains, edit my script (googlesearch.py) and change:

gs = GoogleSearch(“inurl:.pt”) where it says .pt change it to .fr this can ofc be modified to any other type of search you want to do on google, in case your doing a pentest to some specific company or something similar to that it can be used in reconnaissance part.

Also you might want to increase the number of results that are gonna be read from Google -> gs.results_per_page = 200 | this is where you would change it.

Download the package HERE . Test it, modify it and have fun with it.


DNS vs .pt


Apparently in Portugal there are still several companies who are not aware of several DNS issues, such as remote transfers.

lol examples :

Financial Department for Portugal

; <<>> DiG 9.6.0-APPLE-P2 <<>> @ns.dgita.min-financas.pt -t axfr portaldasfinancas.gov.pt
; (1 server found)
;; global options: +cmd
portaldasfinancas.gov.pt. 900 IN SOA ns.dgita.min-financas.pt. adm2001.dgita.min-financas.pt. 2009042818 3600 600 86400 3600
portaldasfinancas.gov.pt. 3600 IN NS ns.dgita.min-financas.pt.
portaldasfinancas.gov.pt. 86400 IN NS ns2.telepac.pt.
portaldasfinancas.gov.pt. 86400 IN MX 15 mx2.portaldasfinancas.gov.pt.
portaldasfinancas.gov.pt. 86400 IN MX 10 mx1.portaldasfinancas.gov.pt.
portaldasfinancas.gov.pt. 86400 IN MX 20 mx1.tasp.pt.
info.portaldasfinancas.gov.pt. 3600 IN A
mx1.portaldasfinancas.gov.pt. 3600 IN A
mx2.portaldasfinancas.gov.pt. 3600 IN A
ns.portaldasfinancas.gov.pt. 3600 IN A
http://www.portaldasfinancas.gov.pt. 3600 IN A
portaldasfinancas.gov.pt. 900 IN SOA ns.dgita.min-financas.pt. adm2001.dgita.min-financas.pt. 2009042818 3600 600 86400 3600
;; Query time: 100 msec
;; WHEN: Sun Dec 27 04:56:24 2009
;; XFR size: 12 records (messages 12, bytes 915)

; <<>> DiG 9.6.0-APPLE-P2 <<>> @ns.dgita.min-financas.pt -t axfr portaldasfinancas.gov.pt; (1 server found);; global options: +cmdportaldasfinancas.gov.pt. 900 IN SOA ns.dgita.min-financas.pt. adm2001.dgita.min-financas.pt. 2009042818 3600 600 86400 3600portaldasfinancas.gov.pt. 3600 IN NS ns.dgita.min-financas.pt.portaldasfinancas.gov.pt. 86400 IN NS ns2.telepac.pt.portaldasfinancas.gov.pt. 86400 IN MX 15 mx2.portaldasfinancas.gov.pt.portaldasfinancas.gov.pt. 86400 IN MX 10 mx1.portaldasfinancas.gov.pt.portaldasfinancas.gov.pt. 86400 IN MX 20 mx1.tasp.pt.info.portaldasfinancas.gov.pt. 3600 IN A 3600 IN A 3600 IN A 3600 IN A 3600 IN A 900 IN SOA ns.dgita.min-financas.pt. adm2001.dgita.min-financas.pt. 2009042818 3600 600 86400 3600;; Query time: 100 msec;; SERVER:;; WHEN: Sun Dec 27 04:56:24 2009;; XFR size: 12 records (messages 12, bytes 915)

; <<>> DiG 9.6.0-APPLE-P2 <<>> @ns03.fccn.pt -t axfr fccn.pt

; (2 servers found)

;; global options: +cmd

fccn.pt. 86400 IN SOA ns01.fccn.pt. hostmaster.fccn.pt. 2009122202 21600 7200 604800 14400

fccn.pt. 86400 IN RRSIG SOA 7 2 86400 20100121151151 20091222151151 11927 fccn.pt. kSVylILoEHKPEMYSRJ0QLo673rj8A1y3UB8ldKWHOHFj+Z2Coha0mifl CyKVzot531ri06PvVwGlM0dKl2rE/ZF71qEXIh8+lvc7yojL/2kfj5XR xP/79RRfsqnrsy7oVnjiaSgZZVJgr2GzeOFAxmb1Bnjuy9ZLsMeq3EV9 cnI=

fccn.pt. 86400 IN NS ns01.fccn.pt.

fccn.pt. 86400 IN NS ns02.fccn.pt.

fccn.pt. 86400 IN NS ns03.fccn.pt.

fccn.pt. 86400 IN RRSIG NS 7 2 86400 20100121151151 20091222151151 11927 fccn.pt. WUObzFN6pLlWMga/AmXLQo9ZNDDJCR+134Ul/JGuRe2svSewCinXcWc9 UN30KWjefNBfXQTzIPkjcb5O1VrqpAaKU+kr7dTyuPbp7Ff3556ZxKfx hkETnZ/PJN21XGt/Ghj1gCcGNehl447EQUMt70auvNeq4qXdT+h41zil LNY=

fccn.pt. 86400 IN A

fccn.pt. 86400 IN RRSIG A 7 2 86400 20100121151151 20091222151151 11927 fccn.pt.

results trimmed due to being wayy too many.

; <<>> DiG 9.6.0-APPLE-P2 <<>> @ns1.alojamentos12.com -t axfr anet.pt

; (1 server found)

;; global options: +cmd

anet.pt. 86400 IN SOA ns1.alojamentos12.com. reports.ptisp.pt. 2009112002 86400 7200 3600000 86400

anet.pt. 14400 IN MX 0 anet.pt.

anet.pt. 86400 IN NS ns1.alojamentos12.com.

anet.pt. 86400 IN NS ns2.alojamentos12.com.

anet.pt. 14400 IN A

cpanel.anet.pt. 14400 IN A

ftp.anet.pt. 14400 IN A

localhost.anet.pt. 14400 IN A

mail.anet.pt. 14400 IN CNAME anet.pt.

srsul.anet.pt.anet.pt. 14400 IN A

http://www.srsul.anet.pt.anet.pt. 14400 IN A

srcentro.anet.pt. 14400 IN A

http://www.srcentro.anet.pt. 14400 IN A

srsul.anet.pt. 14400 IN A

http://www.srsul.anet.pt. 14400 IN A

webdisk.anet.pt. 14400 IN A

webmail.anet.pt. 14400 IN A

whm.anet.pt. 14400 IN A

http://www.anet.pt. 14400 IN CNAME anet.pt.

anet.pt. 86400 IN SOA ns1.alojamentos12.com. reports.ptisp.pt. 2009112002 86400 7200 3600000 86400

;; Query time: 19 msec


;; WHEN: Sun Dec 27 04:46:13 2009

;; XFR size: 20 records (messages 1, bytes 507)

; <<>> DiG 9.6.0-APPLE-P2 <<>> @www-gw.meteo.pt -t axfr meteo.pt
; (1 server found)
;; global options: +cmd
meteo.pt. 14400 IN SOA www-gw.meteo.pt. postmaster.www-gw.meteo.pt. 2009022601 7200 3600 604800 14400
meteo.pt. 14400 IN NS www-gw.meteo.pt.
meteo.pt. 14400 IN NS ns02.fccn.pt.
meteo.pt. 14400 IN A
meteo.pt. 14400 IN MX 10 meteo.pt.mx11.anubisnetworks.com.
meteo.pt. 14400 IN MX 10 meteo.pt.mx20.anubisnetworks.com.
brief.meteo.pt. 14400 IN A
brief2.meteo.pt. 14400 IN A
brief3.meteo.pt. 14400 IN A
brim.meteo.pt. 14400 IN A
cats.meteo.pt. 14400 IN A
climaout.meteo.pt. 14400 IN A
elearning.meteo.pt. 14400 IN A
epsmil.meteo.pt. 14400 IN A
eris.meteo.pt. 14400 IN A
eris1.meteo.pt. 14400 IN A
eris2.meteo.pt. 14400 IN A
ftpserver.meteo.pt. 14400 IN A
gestao.meteo.pt. 14400 IN A
granizo.meteo.pt. 14400 IN A
grhweb.meteo.pt. 14400 IN A
hercules.meteo.pt. 14400 IN A
hosts-0.meteo.pt. 14400 IN CNAME localhost.meteo.pt.
imslserver.meteo.pt. 14400 IN A
landsaf.meteo.pt. 14400 IN A
lp2000.meteo.pt. 14400 IN A
lsa-sas.meteo.pt. 14400 IN A
messir-net.meteo.pt. 14400 IN A
mon.meteo.pt. 14400 IN A
mte-link.meteo.pt. 14400 IN A
pda.meteo.pt. 14400 IN A
rtwc.meteo.pt. 14400 IN A
safmil.meteo.pt. 14400 IN A
telexserver.meteo.pt. 14400 IN A
togalis.meteo.pt. 14400 IN A
webmail.meteo.pt. 14400 IN A
wmo.meteo.pt. 14400 IN A
wmo2.meteo.pt. 14400 IN A
http://www.meteo.pt. 600 IN A
www-gw.meteo.pt. 14400 IN A
www2.meteo.pt. 14400 IN A
meteo.pt. 14400 IN SOA www-gw.meteo.pt. postmaster.www-gw.meteo.pt. 2009022601 7200 3600 604800 14400
;; Query time: 21 msec
;; WHEN: Sun Dec 27 04:42:11 2009
;; XFR size: 42 records (messages 1, bytes 1058)
; <<>> DiG 9.6.0-APPLE-P2 <<>> @ns.itds.pt -t axfr itds.pt
; (1 server found)
;; global options: +cmd
itds.pt. 3600 IN SOA ns.itds.pt. arlindo\.silva.itds.pt. 2009091726 3600 600 86400 3600
itds.pt. 3600 IN NS ns2.itds.pt.
itds.pt. 3600 IN NS ns.itds.pt.
itds.pt. 3600 IN MX 20 h2o.itds.pt.
itds.pt. 3600 IN MX 10 relay.itds.pt.
itds.pt. 3600 IN TXT “v=spf1 mx ptr a:relay.itds.pt a:relay.itds.pt a:saturno.itds.pt mx:relay.itds.pt mx:relay.itds.pt mx:saturno.itds.pt -all”
acdweb-teste.itds.pt. 3600 IN CNAME acdweb.itds.pt.
alpha.itds.pt. 3600 IN A
anacom.itds.pt. 3600 IN A
ashtangaportugal.itds.pt. 3600 IN A
aspki.itds.pt. 3600 IN A
asterisk.itds.pt. 3600 IN A
cma.itds.pt. 3600 IN CNAME acdweb.itds.pt.
cmbeja.itds.pt. 3600 IN CNAME http://www.itds.pt.
co2.itds.pt. 3600 IN A
cusco.itds.pt. 3600 IN A
delta.itds.pt. 3600 IN A
dgpa.demo.itds.pt. 3600 IN CNAME http://www.itds.pt.
it-center.demo.itds.pt. 3600 IN CNAME http://www.itds.pt.
itc-prod.demo.itds.pt. 3600 IN CNAME http://www.itds.pt.
pontooptimo.demo.itds.pt. 3600 IN CNAME http://www.itds.pt.
vivateste.demo.itds.pt. 3600 IN CNAME http://www.itds.pt.
xportal.demo.itds.pt. 3600 IN CNAME http://www.itds.pt.
devdb.itds.pt. 3600 IN A
docs.itds.pt. 3600 IN CNAME marte.itds.pt.
dotnet.itds.pt. 3600 IN A
edia.itds.pt. 3600 IN A
emailcrm.itds.pt. 3600 IN A
estatisticas.itds.pt. 3600 IN CNAME h2o.itds.pt.
ex2003.itds.pt. 3600 IN MX 10 saturno.itds.pt.
fadata.itds.pt. 3600 IN CNAME http://www.itds.pt.
farmacia.itds.pt. 3600 IN A
fenix.itds.pt. 3600 IN A
fms1.itds.pt. 3600 IN A
forum.itds.pt. 3600 IN CNAME http://www.itds.pt.
ftp.itds.pt. 3600 IN A
fwkpn.itds.pt. 3600 IN A
gesbanha.itds.pt. 3600 IN CNAME h2o.itds.pt.
golfefari.itds.pt. 3600 IN CNAME ns.itds.pt.
golfplaya.itds.pt. 3600 IN CNAME ns.itds.pt.
h2o.itds.pt. 3600 IN A
front.honda.itds.pt. 3600 IN A
http://www.motos.honda.itds.pt. 3600 IN A
motosusadas.honda.itds.pt. 3600 IN A
http://www.honda.itds.pt. 3600 IN A
iasvet.itds.pt. 3600 IN A
iic.itds.pt. 3600 IN A
imagens.itds.pt. 3600 IN A
inac.itds.pt. 3600 IN CNAME http://www.itds.pt.
intranet.itds.pt. 3600 IN CNAME http://www.itds.pt.
iplanet.itds.pt. 3600 IN A
iscte-ige.itds.pt. 3600 IN A
jupiter.itds.pt. 3600 IN A
laranjeira.itds.pt. 3600 IN A
login.itds.pt. 3600 IN A
luacar.itds.pt. 3600 IN A
mail.itds.pt. 3600 IN A
mail2.itds.pt. 3600 IN A
mailsrv.itds.pt. 3600 IN A
marte.itds.pt. 3600 IN A
miefp.itds.pt. 3600 IN A
moodle.itds.pt. 3600 IN CNAME nacl.itds.pt.
mrelay.itds.pt. 3600 IN A
mrtg.itds.pt. 3600 IN CNAME cusco.itds.pt.
mrtg2.itds.pt. 3600 IN CNAME cusco.itds.pt.
nacionalcar.itds.pt. 3600 IN CNAME h2o.itds.pt.
nacl.itds.pt. 3600 IN A
nagios.itds.pt. 3600 IN A
ns.itds.pt. 3600 IN A
ns1.itds.pt. 3600 IN A
ns2.itds.pt. 3600 IN A
ordem.itds.pt. 3600 IN A
portais.itds.pt. 3600 IN CNAME edia.itds.pt.
portal.itds.pt. 3600 IN CNAME csplus.netgest.net.
premiotraducao.itds.pt. 3600 IN A
produtos.itds.pt. 3600 IN A
prologica.itds.pt. 3600 IN CNAME http://www.itds.pt.
relay.itds.pt. 3600 IN A
rholland.itds.pt. 3600 IN A
santogal.itds.pt. 3600 IN CNAME h2o.itds.pt.
saturno.itds.pt. 3600 IN A
shop.itds.pt. 3600 IN A
skifari.itds.pt. 3600 IN CNAME ns.itds.pt.
slb.itds.pt. 3600 IN CNAME http://www.itds.pt.
srv2000.itds.pt. 3600 IN A
ssopki.itds.pt. 3600 IN A
suplusitania.itds.pt. 3600 IN A
svn.itds.pt. 3600 IN CNAME http://www.itds.pt.
svrhel401.itds.pt. 3600 IN A
tbox.itds.pt. 3600 IN A
udifar1.itds.pt. 3600 IN A
udifarweb.itds.pt. 3600 IN A
udisso.itds.pt. 3600 IN A
venus.itds.pt. 3600 IN A
vivasocial.itds.pt. 3600 IN CNAME http://www.itds.pt.
vivateste.itds.pt. 3600 IN CNAME http://www.itds.pt.
vpnssl.itds.pt. 3600 IN A
websrv.itds.pt. 3600 IN CNAME wsrv.itds.pt.
wiki.itds.pt. 3600 IN CNAME http://www.itds.pt.
work.itds.pt. 3600 IN A
wsrv.itds.pt. 3600 IN A
http://www.itds.pt. 3600 IN A
www2.itds.pt. 3600 IN A
zeus.itds.pt. 3600 IN A
itds.pt. 3600 IN SOA ns.itds.pt. arlindo\.silva.itds.pt. 2009091726 3600 600 86400 3600
;; Query time: 136 msec
;; WHEN: Sun Dec 27 04:40:16 2009
;; XFR size: 105 records (messages 105, bytes 5383)
; <<>> DiG 9.6.0-APPLE-P2 <<>> @dbru.br.ns.els-gms.att.net -t axfr staples.pt
; (1 server found)
;; global options: +cmd
staples.pt. 86400 IN SOA dbru.br.ns.els-gms.att.net. rm-hostmaster.ems.att.com. 9 86400 10000 604800 86400
staples.pt. 28800 IN A
staples.pt. 86400 IN MX 10 mail.global.frontbridge.com.
staples.pt. 86400 IN NS dbru.br.ns.els-gms.att.net.
staples.pt. 86400 IN NS dmtu.mt.ns.els-gms.att.net.
admin2.staples.pt. 28800 IN A
extranet.staples.pt. 28800 IN A
ftp.staples.pt. 28800 IN A
mail.staples.pt. 28800 IN A
mail2.staples.pt. 28800 IN A
media.staples.pt. 28800 IN A
megaepayment.staples.pt. 28800 IN A
preprod.staples.pt. 28800 IN CNAME staples.pt.
stats.staples.pt. 28800 IN A
webservice.staples.pt. 28800 IN A
ws.staples.pt. 28800 IN A
http://www.staples.pt. 28800 IN A
www2.staples.pt. 28800 IN A
staples.pt. 86400 IN SOA dbru.br.ns.els-gms.att.net. rm-hostmaster.ems.att.com. 9 86400 10000 604800 86400
;; Query time: 165 msec
;; WHEN: Sun Dec 27 04:31:44 2009
;; XFR size: 19 records (messages 1, bytes 536)
The funniest one in my opinion. Department of Education from the Government.

; <<>> DiG 9.6.0-APPLE-P2 <<>> @garret.min-edu.pt -t axfr min-edu.pt
; (1 server found)
;; global options: +cmd
min-edu.pt. 86400 IN SOA garret.min-edu.pt. root.min-edu.pt. 2009100197 28800 7200 1209600 3600
zezere.educom.pt. 86400 IN A
min-edu.pt. 86400 IN A
min-edu.pt. 86400 IN NS ns.eunet.pt.
min-edu.pt. 86400 IN NS garret.min-edu.pt.
min-edu.pt. 86400 IN NS farolim.min-edu.pt.
min-edu.pt. 86400 IN MX 20 smtp.novis.pt.
bi.min-edu.pt. 86400 IN A
http://www.bi.min-edu.pt. 86400 IN A
ccap.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
centroescolar.min-edu.pt. 86400 IN A
si.centroescolar.min-edu.pt. 86400 IN A
http://www.centroescolar.min-edu.pt. 86400 IN A
cne.min-edu.pt. 86400 IN A
cne.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
crie.min-edu.pt. 86400 IN NS ns.crie.min-edu.pt.
crie.min-edu.pt. 86400 IN NS paquid.crie.min-edu.pt.
crie.min-edu.pt. 86400 IN NS zezere.educom.pt.
ns.crie.min-edu.pt. 86400 IN A
paquid.crie.min-edu.pt. 86400 IN A
degre.min-edu.pt. 86400 IN A
degre.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
desportoescolar.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
dgae.min-edu.pt. 86400 IN A
dgae.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
dgfv.min-edu.pt. 86400 IN NS server.dgfv.min-edu.pt.
server.dgfv.min-edu.pt. 86400 IN A
dgidc.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
dgrhe.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
dreale.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
drealg.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
drec.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
drel.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
drelvt.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
dren.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
http://www.eb1mat.min-edu.pt. 86400 IN A
http://www.emse.min-edu.pt. 86400 IN A
entreculturas.min-edu.pt. 86400 IN A
entreculturas.min-edu.pt. 86400 IN NS entreculturas.min-edu.pt.
escolas.min-edu.pt. 86400 IN NS ns.gp.fccn.pt.
eu2007.min-edu.pt. 86400 IN NS bsd.addition.pt.
eu2007.min-edu.pt. 86400 IN NS ns2.addition.pt.
fae.min-edu.pt. 86400 IN A
fae.min-edu.pt. 86400 IN NS fae.min-edu.pt.
farolim.min-edu.pt. 86400 IN A
gaaires.min-edu.pt. 86400 IN A
gaaires.min-edu.pt. 86400 IN NS gaaires.min-edu.pt.
gaeri.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
garret.min-edu.pt. 86400 IN HINFO “PC486” “Linux”
garret.min-edu.pt. 86400 IN A
gave.min-edu.pt. 86400 IN NS ns.addition.pt.
gave.min-edu.pt. 86400 IN NS bsd.addition.pt.
w3.gave.min-edu.pt. 86400 IN A
gcse.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
gef.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
gepe.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
ggf.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
giase.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
nomes.giase.min-edu.pt. 86400 IN A
gme.min-edu.pt. 86400 IN A
ige.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
ihe.min-edu.pt. 86400 IN A
ihe.min-edu.pt. 86400 IN NS ihe.min-edu.pt.
inquerito-dgae.min-edu.pt. 86400 IN A
inquerito-dgae.min-edu.pt. 86400 IN NS inquerito-dgae.min-edu.pt.
inquerito1-dgae.min-edu.pt. 86400 IN A
inquerito1-dgae.min-edu.pt. 86400 IN NS inquerito1-dgae.min-edu.pt.
intranet.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
jne.min-edu.pt. 86400 IN NS ns.gp.fccn.pt.
localhost.min-edu.pt. 86400 IN A
mask.min-edu.pt. 86400 IN A
misi.min-edu.pt. 86400 IN A
misi.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
nssg.min-edu.pt. 86400 IN A
ose.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
otes.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
parque-escolar.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
pept.min-edu.pt. 86400 IN A
pept.min-edu.pt. 86400 IN NS pept.min-edu.pt.
pipa.min-edu.pt. 86400 IN A
portalcolaborativo.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
povt.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
pre-escolar.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
preescolar.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
prescolar.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
prodep.min-edu.pt. 86400 IN A
prodep.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
prof.min-edu.pt. 86400 IN NS ns.gp.fccn.pt.
rae.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
rbe.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
recortes.min-edu.pt. 86400 IN NS ns.addition.pt.
recortes.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
redescolar.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
ricome.min-edu.pt. 86400 IN A
roteiro.min-edu.pt. 86400 IN A
http://www.roteiro.min-edu.pt. 86400 IN A
seae.min-edu.pt. 86400 IN A
seguranet.min-edu.pt. 86400 IN A
seguranet.min-edu.pt. 86400 IN NS seguranet.min-edu.pt.
sg.min-edu.pt. 86400 IN A
sg.min-edu.pt. 86400 IN NS sg.min-edu.pt.
sg.min-edu.pt. 86400 IN MX 90 sgmail.min-edu.pt.
sgmail.min-edu.pt. 86400 IN A
sibme.min-edu.pt. 86400 IN A
sibmedoc.min-edu.pt. 86400 IN A
sipac.min-edu.pt. 86400 IN NS farolim.min-edu.pt.
http://www.min-edu.pt. 86400 IN A
min-edu.pt. 86400 IN SOA garret.min-edu.pt. root.min-edu.pt. 2009100197 28800 7200 1209600 3600
;; Query time: 299 msec
;; WHEN: Sun Dec 27 04:25:51 2009
;; XFR size: 109 records (messages 1, bytes 2308)
I do wonder sometimes what the sysadmins of these companies are doing. Basic stuff that should be fixed ASAP.