netiquette & zone transfers
Markus Stumpf
maex at Space.Net
Tue Mar 21 17:55:01 UTC 2000
On Tue, Mar 21, 2000 at 01:41:24PM +0000, Otavio Exel wrote:
> is it bad netiquette to attempt unauthorized zone transfers?
>
> while experimenting with dns tools in order to get familiar with the DNS
> protocol (unix semi-newbie here) I did many unauthorized zone transfers
> from servers here in my country (Brazil); after a while I got some
> rather hostile messages from the admins of the ".br" domain;

Zone transfers and the information therein are used by script kiddies
to gather information and postprocess them in order to get new targets
for attacks.

Because of that a lot of admins are rather "sensitive" to unauthorized
DNS AXFRs.

Just for the records: I'm seeing in our logfiles about 5-10 of those
attacks trying to AXFR blocks of about 200-300 different domains from
our DNS servers every day. Some of those attacks last a whole week and
try to AXFR up to 5000 domains. Besides the cracking aspect I think
they're a nuisance, waste bandwidth and put unnecessary load on our
DNS servers. That's why we have strict ACLs.

\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | Stress is when you wake
Research & Development | mailto:maex-sig at Space.Net | up screaming and you
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | realize you haven't
D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
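
Added example, not part of the original post: one way to pick the multi-domain AXFR sweeps described above out of a name server log, by counting the distinct zones each client was refused. The log line format (BIND 9 style), the sample lines, the threshold and the function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines (not from the post), written in the style BIND 9
# uses for a refused transfer; addresses and zone names are placeholders.
SAMPLE_LOG = """\
security: error: client 192.0.2.10#4021: zone transfer 'alpha.example/AXFR/IN' denied
security: error: client 192.0.2.10#4022: zone transfer 'beta.example/AXFR/IN' denied
security: error: client 192.0.2.10#4023: zone transfer 'gamma.example/AXFR/IN' denied
security: error: client 192.0.2.10#4024: zone transfer 'Alpha.Example./AXFR/IN' denied
security: error: client 198.51.100.7#1188: zone transfer 'alpha.example/AXFR/IN' denied
xfer-out: info: client 203.0.113.5#53100: transfer of 'alpha.example/IN': AXFR started
"""

# Optional "@0x..." and "(qname)" parts appear in newer BIND 9 releases.
DENIED_AXFR = re.compile(
    r"client (?:@0x[0-9a-fA-F]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+"
    r"(?: \([^)]*\))?: zone transfer '(?P<zone>[^/']+)/AXFR/IN' denied"
)

def denied_axfr_by_client(lines):
    """Map each client address to the set of distinct zones it was refused."""
    zones = defaultdict(set)
    for line in lines:
        m = DENIED_AXFR.search(line)
        if m:
            # DNS names are case-insensitive; drop the trailing root dot too.
            zones[m.group("ip")].add(m.group("zone").lower().rstrip("."))
    return dict(zones)

def flag_sweepers(lines, min_zones):
    """Clients refused on at least min_zones distinct zones, busiest first."""
    counts = [(ip, len(z)) for ip, z in denied_axfr_by_client(lines).items()]
    return sorted((c for c in counts if c[1] >= min_zones),
                  key=lambda c: (-c[1], c[0]))

if __name__ == "__main__":
    for ip, n in flag_sweepers(SAMPLE_LOG.splitlines(), min_zones=3):
        print(f"{ip}: denied AXFR for {n} distinct zones")
```

The threshold of 3 only suits the six sample lines; on a real server it would be set against the normal rate of stray transfer attempts.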