Unapproved AXFR?

[Steinar Haug]

[Lars-Johan Liman]

|   The first one is the one that people always jump to: someone is
|   trying to identify all my computers. That is not likely to be a
|   security leak, so why bother protecting it? (My question is more
|   honest than it sounds: is there really a reason to protect this?)

I used to be of that opinion also. Then somebody transferred most of the
zones from a server which is slave for several thousand zones - and soon
afterwards we saw attacks which were obviously based on information from
those zone files. We stopped public zone transfers after that incident.

Steinar Haug, Nethelp consulting, sthaug at nethelp.no