[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: debian.org DNSs allow unrestricted zone transfers

also sprach Abel Martín <abel.martin.ruiz@gmail.com> [2007.05.15.1356 +0200]:
> I thought zone transfers should only be possible between DNSs
> which have records for the same domain, so why are debian.org DNSs
> (raff, rietz, klecker) allowing zone transfers? Maybe I'm
> paranoid, but I think there are security issues related to this,
> including the possibility of suffering DoS attacks (it serves 254
> records). Is there an explanation for this?

Where is the attack vector? I can DoS those servers in other ways

Please do not send copies of list mail to me; I read the list!
 .''`.   martin f. krafft <madduck@debian.org>
: :'  :  proud Debian developer, author, administrator, and user
`. `'`   http://people.debian.org/~madduck - http://debiansystem.info
  `-  Debian - when you have better things to do than fixing systems
#include <signature.h>

Attachment: signature.asc
Description: Digital signature (GPG/PGP)

Reply to: