[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: debian.org DNSs allow unrestricted zone transfers

On Tue, 15 May 2007, Abel Martín wrote:
> I thought zone transfers should only be possible between DNSs which
> have records for the same domain, so why are debian.org DNSs (raff,

Only if you have a reason to hide who is in your domain.

> possibility of suffering DoS attacks (it serves 254 records). Is there
> an explanation for this?

Well, I am not sure about the DoS possibilities, but I take advantage of the
fact that it allows zone tranfers to have a local mirror of @d.o in my bind

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to: