Unapproved AXFR?
Barry Margolin
barmar at bbnplanet.com
Tue Dec 14 16:34:50 UTC 1999
From: Bill Manning <bmanning at ISI.EDU>
Date: Tue, 14 Dec 1999 08:25:37 -0800 (PST)
% seen an answer to my question: is there a _technical_ reason to limit
% zone transfers (except for server overload)?
%
% If you name machines after users, projects, etc. then zone transfers can
% divulge proprietary information. Most companies have a policy that the
% employee directory can't be distributed to outsiders; if the DNS database
% is almost equivalent, it makes sense not to distribute it, either.
That, like the two reasons I gave, is not a technical justification, its
administrative/policy.
All computer security is. It's a way to use technology to implement
policy.
By your logic, there's no technical reason to require passwords. It's just
administrative/policy that unauthorized people aren't allowed to use the
computers.
--
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
More information about the bind-users
mailing list