BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] DNS question about DNSENUM.PL

Subject: [Discuss] DNS question about DNSENUM.PL
From: richard.pieri at gmail.com (Rich Pieri)
Date: Mon, 25 Mar 2013 19:54:15 -0400
In-reply-to: <5150CE85.9010803@gmail.com>
References: <CADdmjq_jPJ8j6mJVzm2T8Tz6tZPF=cM5rPK7xZAA3gmwJTw-PQ@mail.gmail.com> <5150CE85.9010803@gmail.com>

--On Monday, March 25, 2013 6:24 PM -0400 Tom Metro <tmetro+blu at gmail.com> 
wrote:

> Disabling zone transfers is an attempts to hide the particulars within a
> zone, but it is imperfect at best, as this information often leaks out
> through other means (mail headers, for example). One possibility is to

It's less about security by obscurity and more about avoiding a denial of 
service.

Zone transfers happen over TCP. TCP sockets are stateful connections. Most 
name servers are monolithic processes. Thus, it is trivially easy to 
monopolize a name server process by sending an AXFR request and then not 
dropping the connection. The easiest way to prevent that is to simply say 
"no" to the querent and drop the connection on the server side.

-- 
Rich P.

References:
- [Discuss] DNS question about DNSENUM.PL
  - From: omegahalo at gmail.com (Chris O'Connell)
- [Discuss] DNS question about DNSENUM.PL
  - From: tmetro+blu at gmail.com (Tom Metro)

Prev by Date: [Discuss] DNS question about DNSENUM.PL
Next by Date: [Discuss] DNS question about DNSENUM.PL
Previous by thread: [Discuss] DNS question about DNSENUM.PL
Next by thread: [Discuss] DNS question about DNSENUM.PL
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org