About "update" packets

Jim Reid jim at rfc1035.com
Wed Jun 16 15:55:06 UTC 2004


>>>>> "Maurizio" == Maurizio Colella <Maurizio.Colella at marconi.com> writes:

    >> Some things -- ie zone transfers -- only work over TCP.

    Maurizio> .. you must consider that allowing "zone transfer" to
    Maurizio> the internet is a good help for any hackers to know what
    Maurizio> our HOSTS are!  At the moment we never need to perform
    Maurizio> zone transfers, only because we don't have any
    Maurizio> slave servers..

You are kidding yourself if you believe that preventing zone transfers
will prevent anyone enumerating the contents of your zones. There are
a bundle of techniques currently in use for this and they don't rely
on zone transfers. And anyway it'll make no difference if "hackers"
know the names of your hosts or not. Most of the script kiddies use
address and port scanners to probe victim networks and then try
whatever tools they have for exploiting holes in web, SMTP, etc.
servers. I don't believe things like the Slammer worm and Sobig
viruses even cared about the names of the computers they attacked.

