Zone Transfer Problem
Dirk Schulten
dirk.schulten at intrex-systems.com
Thu Feb 15 14:14:19 UTC 2001
Hello,
> Dirk> We do we need a new ISP? He is responsible for his
> Dirk> nameservers. If he prefers to be a potential target in the
> Dirk> internet, I think, it's his problem. :-)
>Well it's also your problem if your ISP's vulnerable name servers host
>your DNS data. What if the servers were penetrated and your zone's MX
>records or website address got pointed elsewhere?
I've never though of it this way, but only at security reasons to get
a leak into our servers and retrieving information instead of
manipulating them.
Thinking of it the other way: Why should anyone redirect our emails
or websites as this is nothing you will not recognize very quickly.
They can out our sites to a fancy coloured page with the title
"r00ted" or something, but that's all. They don't affect our
servers or the information on them.
Only the problem with the emails is a very difficult one.
I wouldn't go too far with pointing out that our ISP's server is vulnerable as
I cannot retrieve the version number of that bind release.
The only thing I know is, that I was told that the server release
is really quite old and that is some sort of bind 4.
Your,
Dirk Schulten.
More information about the bind-users
mailing list