If the information is available in DNS it can be easily extracted using reverse mapping so disabling Zone Transfers doesn't really accomplish anything.
This article can give you some additional insight. http://www.securityfocus.com/templates/forum_message.html?forum=2&head=32&id=32
-- Bill Stackpole, CISSP
| Scott Reber <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 07/11/00 04:43 PM
|
To: [EMAIL PROTECTED] cc: Subject: dns zone transfers |
I have recently been informed that a MAJOR US ISP allows zone transfers for
zones that it hosts as secondary. Upon request to change this default for
a particular zone this ISP said they could not.
This seems to be a security risk and a disregard for the security concerns
of their clients. Am I incorrect? How do members of this list deal with
such an issue?
_________________________________________________________________
Scott Reber
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
