zone transfers

Brad Knowles brad.knowles at skynet.be
Fri Jun 15 14:41:51 UTC 2001


At 9:24 AM -0500 6/15/01, Dykes Greg-FGD008 wrote:

>  Are zone transfers limited to name servers? Considering using DNS for a
>  private application and need to be able to "gather" zone data when a client
>  application boots up. Can a DNS client request a zone transfer from a name
>  server?

	No problem.  It's trivially easy to do with tools like dig, and 
you could easily do the same from your own application.  For example:

		% dig @ns.ripe.net. to. axfr

	This will get you a complete copy of the ".to" ccTLD zone, which 
contains some pretty interesting information, depending on what 
you're looking for.  Note that ns.ripe.net is one of the main 
nameservers for most ccTLDs, so if there's ever anything you want and 
this machine is authoritative for it, you can swipe it from there.


	Another good machine is auth02.ns.uu.net.  I have found both of 
these machines to be generally wide-open to zone transfers.

-- 
Brad Knowles, <brad.knowles at skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'


More information about the bind-users mailing list