From owner-freebsd-net  Fri Jul 10 17:59:33 1998
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id RAA00805
          for freebsd-net-outgoing; Fri, 10 Jul 1998 17:59:33 -0700 (PDT)
          (envelope-from owner-freebsd-net@FreeBSD.ORG)
Received: from obie.softweyr.com ([204.68.178.33])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA00800
          for <freebsd-net@freebsd.org>; Fri, 10 Jul 1998 17:59:30 -0700 (PDT)
          (envelope-from wes@obie.softweyr.com)
Received: (from wes@localhost)
	by obie.softweyr.com (8.8.8/8.8.8) id SAA05159;
	Fri, 10 Jul 1998 18:58:54 -0600 (MDT)
	(envelope-from wes)
From: Wes Peters <wes@softweyr.com>
Message-Id: <199807110058.SAA05159@obie.softweyr.com>
Subject: Re: DNS zone xfers from random(?) sites
In-Reply-To: <199807101158.VAA15030@mail.aussie.org> from Hallam Oaks P/L list account at "Jul 10, 98 09:59:07 pm"
To: maillist@oaks.com.au
Date: Fri, 10 Jul 1998 18:58:53 -0600 (MDT)
Cc: freebsd-net@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> I've been primary DNS for a few domains for about two or three years now. 
> Right now my machine hosts about six primary DNS entries. Each of the 
> primaries is backed by two secondaries. So far so good.
> 
> Recently (a few months ago) I added a new domain - mgr.org.au - and have 
> since started noticing a pattern of zone transfers that I do not 
> explicitly recall seeing before on any of my other domains.
>
> [...]
> 
> While I could of course block them from doing this I am curious as to 
> whether or not anyone can offer up any suggestion as to _why_ this may be 
> happening, and if there is any legitimate explanation for it. [...]
> 
> If there's a legitimate purpose for it I'll just let it continue. I know 
> it's possible to do manual zone transfers (heck, I've done it myself) but 
> I can't figure out why so many different sites ...

I can't think of anything off the top of my head.  Are the sites
that are transferring repeating this act, or is this just a lit of
random sites around the world?

Do any of the DNS diagnostic tools, like dnswalk, zone-transfer a
domain?

I've lately been getting a weekly email from someon in .nl about
a lame delegation problem; the secondary server my ISP chose is
ont responding.  They're moving secondary services to a server they
own at a co-locate site, in the meantime, I'm lame.  ;^)  Perhaps
the diagnostic software that discovers these problems does zone
transfers to get the scoop on the domain?

Best of luck.

-- 
       "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                 Softweyr LLC
http://www.softweyr.com/~softweyr                      wes@softweyr.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message