High Zone Xfer?
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Mon Feb 19 22:27:36 UTC 2001
> Could someone please tell me what a High Zone Xfer is, and what kind of
> security risk (if any) it is?
It's a stupid firewall message. Firstly there is no requirement
for the source address of a tcp connection to be in any port
range (the High part of the message). Secondly the DNS is a
public database and as such transfering part of that database
is reasonable.
That said it gives some people a warm fuzzy feeling to block
zone transfers in the belief that it will significantly slow
down attempts to break into the site or reduce spam.
P.S. don't munge your email address is all it does is make it
harder for people to help you. It doesn't stop spam. Spammers
just take the address and try both addresses with and without
the "nospam." in this case.
Mark
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list