[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] approved AXFR

Subject: Re: [cobalt-users] approved AXFR
From: "Larry E. Smith" <lesmith@xxxxxxxxxxxxxx>
Date: Wed Dec 5 13:30:09 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Wed, Dec 05, 2001 at 06:41:15PM -0000, Ben Liddicott wrote:
> It means that that IP address asked your DNS server for a domain transfer, i.e., to list all names in the domain.
> 
> It's harmless, and probably means someone has used the dig tool.
> 

Ben,

  Agree - but......

  It is probably "harmless" unless you are hosting quite a few
  domains under your DNS and then it means that they have
  "pulled" (copied) your entire DNS structure to their machine so
  they know all your IP's, server names, aliases, cnames, etc.

  While all this information is "publicly" available, it is
  generally thought of very "un-kindly" for someone to actually
  "copy" your entire configuration unless they are an upstream
  provider that does secondary DNS for you.  And that does not
  even include all the "possible" security implications....
  (EG: why probe random IP's when you have a list...)

Larry Smith
SysAd ECSIS.NET
sysad@xxxxxxxxx

Follow-Ups:
- Re: [cobalt-users] approved AXFR
  - From: Ben Liddicott

References:
- [cobalt-users] approved AXFR
  - From: Achieve Website Design
- Re: [cobalt-users] approved AXFR
  - From: Ben Liddicott

Prev by Date: [cobalt-users] SSL
Next by Date: Re: [cobalt-users] approved AXFR
Previous by thread: Re: [cobalt-users] approved AXFR
Next by thread: Re: [cobalt-users] approved AXFR

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index