
Author Topic: DNS Zone Transfer  (Read 7718 times)


Offline wilnix

  • mv user /dev/null
  • Administrator
  • Forum Hero
  • *****
  • Posts: 690
  • Country:
  • Gender: Male
  • You're not the fastest packet in the subnet...
    • Wilnix - The NetAdmin's Resource
DNS Zone Transfer
« on: March 04, 2002, 02:47:14 PM »
 8) For people who deal with DNS:

Make sure you don't forget to add this to your options command in named.conf

allow-transfer { <ipofsecondarydns>; };

to keep from allowing this to happen:

client# nslookup
Default Server:  client.ventanamed.com
Address:  1.2.3.4

> server ns1.badadmin.com
Default Server:  ns1.badadmin.com
Address:  a.b.c.d

> ls -d  badadmin.com>> gotyourwholedns.log
[badadmin.com]
#####
Received 258 answers (258 records).
> exit

client#

It's just another way to make your life easier and a little more secure.

Hope this helps ~

Wilnix

alt email address: wilnix@hackphreak.org
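
An added example, not part of wilnix's post: a small auditor that reads a named.conf and reports, per master zone, whether allow-transfer is restricted, open to any host, or not set at all. The function names and the sample configuration are hypothetical, and the script assumes that a missing allow-transfer means transfers are open to everyone, which is the situation the post warns about.

```python
import re

# Constructed sample named.conf for the example (not from the original post).
SAMPLE_CONF = '''
options { directory "/var/named"; };   // no global allow-transfer
zone "good.example"   { type master; allow-transfer { 192.0.2.53; }; };
zone "open.example"   { type master; allow-transfer { any; }; };
zone "forgot.example" { type master; file "forgot.example.db"; };
'''

def _blocks(text):
    """Yield (header_words, body) for each top-level `name ... { ... };` block."""
    text = re.sub(r'//[^\n]*|#[^\n]*|/\*.*?\*/', '', text, flags=re.S)  # naive comment strip
    depth, start, head_start, header = 0, 0, 0, []
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                header, start = text[head_start:i].split(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, text[start:i]
        elif ch == ';' and depth == 0:
            head_start = i + 1

def _acl(body):
    """Return the address list of an allow-transfer statement in body, or None."""
    m = re.search(r'allow-transfer\s*\{([^}]*)\}', body)
    return None if m is None else [a for a in re.split(r'[;\s]+', m.group(1)) if a]

def audit(conf):
    """Map each master zone name to 'restricted', 'open' or 'unset'."""
    global_acl, zones = None, {}
    for header, body in _blocks(conf):
        if header[:1] == ['options']:
            global_acl = _acl(body)
        elif header[:1] == ['zone'] and re.search(r'\btype\s+(master|primary)\b', body):
            zones[header[1].strip('"')] = _acl(body)
    result = {}
    for name, acl in zones.items():
        acl = acl if acl is not None else global_acl  # a zone setting overrides options
        # Assumption: 'unset' is treated as exposed, the same as an explicit 'any'.
        result[name] = 'unset' if acl is None else 'open' if 'any' in acl else 'restricted'
    return result

if __name__ == '__main__':
    for zone, status in audit(SAMPLE_CONF).items():
        print(f'{zone}: {status}')
```

Nested address-match lists and named acl references are not resolved, so a zone reported as restricted still deserves a look at what the list contains.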

Offline Metgod

  • the deranged hacker
  • Administrator
  • Forum Hero
  • *****
  • Posts: 1116
  • Country:
  • Gender: Male
Re:DNS Zone Transfer
« Reply #1 on: March 04, 2002, 09:14:28 PM »
yep yep
and another command that can grab some info is 'host'

try a 'host -a' or 'host -l -v -t any'

among others..


Although I find the output useful (knowing which is the A, the NS, the SOA, etc)
it can be a security risk. Actually Cobby was in the process of writing about DNS
spoofing. Can't wait for that one to go to X-Zine. It'll be a hit I'm sure....

Anyways, good job maddy (wilnix for those who don't know him...)
"My Terminal is my Soul"

Offline wilnix

Re:DNS Zone Transfer
« Reply #2 on: March 05, 2002, 12:11:18 PM »
No problem!

Next week I'll add another tip...

Wilnix
alt email address: wilnix@hackphreak.org