Date: Fri, 30 Jun 2000 09:29:39 +0200 (CEST) From: Paul Herman <pherman@frenchfries.net> To: cjclark@alum.mit.edu Cc: freebsd-questions@FreeBSD.ORG Subject: Re: [Totally Off Topic] Zone Xfers from ISP Message-ID: <Pine.BSF.4.21.0006300917470.224-100000@bagabeedaboo.security.at12.de> In-Reply-To: <20000629232248.E653@dialin-client.earthlink.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 29 Jun 2000, Crist J. Clark wrote: > How widespread is the practice of restricting zone transfers from > registered DNS servers? Pretty wide spread, but so is the practice of wide open DNSes. Here in Germany, a local ISP does it. Many universities do it as well. I personaly think it isn't so bad. It can definately make an insecure network even less secure (like having outdated-linux-version.victim.com, or wu-imap.victim.com), but if you already run a tight ship, then I don't think it would create any new headaches. > Before we go marching, well, phoning anyway, in to the ISPs with loose > rules ranting about their insecure DNS config, I want to find out if > they are going to laugh and say that's how everybody does it. DNS Then they probably think their network is secure. :) -Paul. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0006300917470.224-100000>