Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Hi Chris/Alan,
- I have a question on AXFR (zone-transfer) records.
- All my domains in the past have disallowed AXFR lookups.
- Example:
- $ dig @ns1.telstra.net abc.net.au axfr
- But after moving my DNS to a stock Ubuntu server, it seems to be a default to allow AXFR lookups for anyone. I also noticed the default for this is disallowed on Debian 6.
- What I want to know is how important is it to restrict AXFR lookups.
- Should they be allowed to be public since DNS should be public anyway?
- If so then why do so many DNS hosts out there have this disabled by default?
- Thanks for your time.
- Regards
- Simon, Australia
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement