Zone Transfer Problem

Dirk Schulten dirk.schulten at intrex-systems.com
Thu Feb 15 14:14:19 UTC 2001


Hello,

>     Dirk> We do we need a new ISP? He is responsible for his
>     Dirk> nameservers.  If he prefers to be a potential target in the
>     Dirk> internet, I think, it's his problem.  :-)
>Well it's also your problem if your ISP's vulnerable name servers host
>your DNS data. What if the servers were penetrated and your zone's MX
>records or website address got pointed elsewhere?

I've never though of it this way, but only at security reasons to get
a leak into our servers and retrieving information instead of
manipulating them.

Thinking of it the other way: Why should anyone redirect our emails
or websites as this is nothing you will not recognize very quickly.
They can out our sites to a fancy coloured page with the title
"r00ted" or something, but that's all. They don't affect our
servers or the information on them.
Only the problem with the emails is a very difficult one.

I wouldn't go too far with pointing out that our ISP's server is vulnerable as
I cannot retrieve the version number of that bind release.

The only thing I know is, that I was told that the server release
is really quite old and that is some sort of bind 4.

Your,
Dirk Schulten.



More information about the bind-users mailing list