netiquette & zone transfers

Markus Stumpf maex at Space.Net
Tue Mar 21 17:55:01 UTC 2000


On Tue, Mar 21, 2000 at 01:41:24PM +0000, Otavio Exel wrote:
> is it bad netiquette to attempt unauthorized zone transfers?
> 
> while experimenting with dns tools in order to get familiar with the DNS
> protocol (unix semi-newbie here) I did many unauthorized zone transfers
> from servers here in my country (Brazil); after a while I got some
> rather hostile messages from the admins of the ".br" domain;

Zone transfers and the information therein are used by script kiddies
to gather information and postprocess it in order to get new targets
for attacks.
Because of that a lot of admins are rather "sensitive" to unauthorized
DNS AXFRs.

Just for the record: I'm seeing in our logfiles about 5-10 of those
attacks trying to AXFR blocks of about 200-300 different domains from
our DNS servers every day. Some of those attacks last a whole week and
try to AXFR up to 5000 domains. Besides the cracking aspect I think
they're a nuisance, waste bandwidth and put unnecessary load on our
DNS servers. That's why we have strict ACLs.

	\Maex

-- 
SpaceNet GmbH             |   http://www.Space.Net/   | Stress is when you wake
Research & Development    | mailto:maex-sig at Space.Net | up screaming and you
Joseph-Dollinger-Bogen 14 |  Tel: +49 (89) 32356-0    | realize you haven't
D-80807 Muenchen          |  Fax: +49 (89) 32356-299  | fallen asleep yet.
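
Added example, not part of the original message or of any SpaceNet tooling: a log triage sketch that groups refused AXFR attempts by client and flags sources that were refused on many distinct zones, the pattern the message describes. The sample lines are constructed in the style of BIND 9's "zone transfer '<zone>/AXFR/IN' denied" message (an assumption about the log format); the function names and the `min_zones` threshold are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample log: documentation-range addresses, made-up zones.
SAMPLE_LOG = """\
21-Mar-2000 10:00:01.000 security: error: client 192.0.2.10#1025: zone transfer 'alpha.example/AXFR/IN' denied
21-Mar-2000 10:00:02.000 security: error: client 192.0.2.10#1026: zone transfer 'beta.example/AXFR/IN' denied
21-Mar-2000 10:00:03.000 security: error: client 192.0.2.10#1027: zone transfer 'gamma.example/AXFR/IN' denied
21-Mar-2000 10:00:04.000 security: error: client 192.0.2.10#1028: zone transfer 'ALPHA.example./AXFR/IN' denied
21-Mar-2000 10:00:05.000 security: error: client @0x7f00 192.0.2.10#1030 (delta.example): zone transfer 'delta.example/AXFR/IN' denied
21-Mar-2000 10:05:00.000 security: error: client 198.51.100.7#2000: zone transfer 'alpha.example/AXFR/IN' denied
21-Mar-2000 10:06:00.000 xfer-out: info: client 203.0.113.5#4000: transfer of 'alpha.example/IN': AXFR started
"""

# Matches both the older "client IP#port:" prefix and the newer
# "client @0x... IP#port (name):" prefix seen in BIND 9 logs.
DENIED = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+(?: \([^)]*\))?: "
    r"zone transfer '(?P<zone>[^/']+)/AXFR/IN' denied"
)


def denied_axfr_by_client(lines):
    """Map each client address to the set of zones it was refused."""
    zones = defaultdict(set)
    for line in lines:
        m = DENIED.search(line)
        if m:
            # Normalise case and a trailing root dot so repeats collapse.
            zones[m.group("ip")].add(m.group("zone").lower().rstrip("."))
    return dict(zones)


def sweepers(lines, min_zones=3):
    """Clients refused on at least min_zones distinct zones, busiest first."""
    hits = denied_axfr_by_client(lines)
    ranked = sorted(hits.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [(ip, len(z)) for ip, z in ranked if len(z) >= min_zones]


if __name__ == "__main__":
    for ip, count in sweepers(SAMPLE_LOG.splitlines()):
        print(f"{ip}\t{count} distinct zones refused")
```

Counting distinct zones rather than raw attempts separates a misconfigured secondary retrying one zone from a source walking a list of domains.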



More information about the bind-users mailing list