
Re: [cobalt-users] Unapproved "approved zone transfer"



On Sat, 3 Mar 2001, Rodolfo Paiz wrote:

> Hi, all...
> Mar  3 03:48:21 adan named[443]: approved AXFR from
> * I don't use this domain (all traffic is pointed to the .com)
> * Everything in named.conf says "allow-update from none"
> * I don't see anything else in the logs from this IP
> * I don't even know anyone in Canada
> * Why the hell would mudpuppy.armchair.mb.ca want my zone file?
> 
> I'd treat it as a hack attempt, but there doesn't seem to be a point.
> Can anyone offer any comments?

Only that you aren't the only one -/ I noticed that the bind package for
the Raq2 allows zone transfers from any idiot that asks...

i.e., there is no ACL info whatsoever in the config file...

It will also happily do recursive queries for anyone ...

I have had the same nameserver make several requests for xfers, dunno why,
it was a real nameserver, but has no real reason to be asking
for zones....*shrug* 

It's entirely possible it is just some curious person using dig btw...

(Maybe if I get bored later I will send it a notify and see if something
interesting happens -/)

gsh
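
Added example, not part of the original message: a Python sketch that scans syslog for "approved AXFR" lines like the one quoted above and reports transfers served to hosts outside your intended secondaries. The log shape after "from" ([addr].port for "zone"), the allowlist and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumed BIND 8 syslog shape: approved AXFR from [addr].port for "zone"
AXFR_RE = re.compile(
    r'named\[\d+\]: approved (?:AXFR|IXFR) from '
    r'\[(?P<ip>[0-9a-fA-F.:]+)\]\.\d+ for "(?P<zone>[^"]+)"'
)

# Hypothetical allowlist: the secondaries you actually intend to serve.
SECONDARIES = [ipaddress.ip_network("192.0.2.53/32")]

# Constructed sample log lines (documentation addresses, not from the post).
SAMPLE_LOG = """\
Mar  3 03:48:21 adan named[443]: approved AXFR from [203.0.113.7].1042 for "example.net"
Mar  3 04:00:02 adan named[443]: approved AXFR from [192.0.2.53].53 for "example.net"
Mar  3 04:10:40 adan named[443]: approved AXFR from [203.0.113.7].1050 for "example.com"
Mar  3 04:11:00 adan named[443]: unapproved AXFR from [198.51.100.9].2001 for "example.com"
Mar  3 04:12:00 adan sshd[900]: unrelated line
"""


def unexpected_transfers(log_text, allowed=SECONDARIES):
    """Return {source_ip: sorted zones} for approved transfers to hosts not in `allowed`."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        m = AXFR_RE.search(line)
        if not m:
            continue  # not an approved-transfer line
        try:
            src = ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue  # malformed address field; skip rather than crash
        if not any(src in net for net in allowed):
            hits[str(src)].add(m.group("zone").lower())
    return {ip: sorted(zones) for ip, zones in hits.items()}


if __name__ == "__main__":
    for ip, zones in unexpected_transfers(SAMPLE_LOG).items():
        print(f"{ip} pulled {len(zones)} zone(s): {', '.join(zones)}")
```

Any host it reports is one that an allow-transfer ACL in named.conf would need to exclude.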